Cyber security is vital for small businesses
Columnist Dean Swanson says just because you're not a Fortune 500 company, doesn't mean your data isn't important to protect.
Do you think cybercriminals are too busy targeting the likes of Capital One, Citrix and Facebook to bother with your small business? Think again.
Some 76% of cyberattacks occur on businesses with fewer than 100 employees. Cybercriminals know small businesses tend to be easy targets, and that accessing a small business’s computer networks often gives them access to client and vendor networks, too.
While digital transformation offers many benefits, it also comes with many challenges. For instance, investing in technology also increases cybersecurity risks. Artificial intelligence and machine learning have been known to potentially increase the attack surface for hackers, while big data and the cloud hold lots of information, which can pose a considerable risk in the wrong hands.
For a small business the cost of a data breach can be devastating. The average cyberattack costs smaller companies an average of $3,533 per employee. It takes an average 206 days to identify a risk and another 73 days to contain it.
No wonder nearly 60% of companies go out of business within six months of a cyberattack.
The stakes are high. Fortunately, there are some steps you can take to prevent a cyberattack. My recent discussions with CEOs remind me that this is one risk that is of high concern.
The FBI reports that instances of cybercrime grew as much as 300% since the beginning of the coronavirus pandemic. The Bureau’s Internet Crime Complaint Center (IC3) receives between 3,000-4,000 cybersecurity complaints a day, up from an average of 1,000 per day before the pandemic hit.
As America’s daily activities increasingly moving online due to stay-at-home orders, the opportunities for cybercriminals grew due to:
- Employees, new to remote work, who were unaware of basic security measures.
- Businesses struggling to keep externally-accessed systems secured.
- Lack of social and workplace interactions.
There are ongoing uncertainties, including:
- Supply chains (PPE and essential goods).
- Online orders and payments.
- Medical help and COVID-19 testing.
- High unemployment.
- Fears and other factors.
What’s putting your business at risk? The answers might surprise you. The five biggest cybersecurity risks for small businesses are:
- Human Capital Risk: Hackers target employees, which is why you need a strong IT security staff. Educate your employees about your security requirements.
- Cyberthreat Risks: These include phishing and social engineering (tricks cybercrooks use to make people do things they don’t want to do); clickjacking (technique used by cybercriminals to hide malware and other threats under content of legitimate sites); botnets (a network of hijacked computers and devices infected with malware remotely controlled by a hacker to send spam and launch DoS attacks; file-less attacks (malware that doesn’t drop a file on your disk, but can infect your computer, steal your data, etc.); and denial of service (DoS ) attacks designed to disable, shut down or disrupt a network, website or service).
- Data Risk: The exposure to loss of value or reputation caused by issues or limitations to an organization’s ability to acquire, store, transform, move, and use its data assets.
- Infrastructure Risk: Potential losses due to failures to protect business critical data assets and applications. It’s key to make sure technologies, such as mobile, cloud, social media, and "internet of things" devices – think everything from your Ring doorbell to your smart thermostat – are safe to use in the workplace.
- Operational Risk: Protecting against data breaches and other cybersecurity threats.
You should keep track of key cybersecurity trends to understand the latest developments and current threats. This intelligence is key to improving your cybersecurity strategy and response plan. Additionally, invest in employee training, enhance your IT systems, keep your software updated, fix all security holes, and have an effective security policy.
Cyberthreats has grown more sophisticated every year. Next week, I will suggest what you should watch for to protect your small business from these risks.
Dean Swanson is a volunteer Certified SCORE Mentor and former SCORE chapter chairman, district director and regional vice president for the North West Region.