Hackers target small businesses with cybersecurity threats, but often times these types of threats are not on a small business's radar.
A recent survey shows just 2 percent of small-business owners view a cyberattack threat as the most critical issue they face. Taxes and cost of employee healthcare ranked as top-of-mind.
While these concerns make sense, security experts know that this “lack of focus” is exactly why hackers place “focus” on small businesses. According to this 2016 report, hackers breached half of the 28 million small businesses in the United States.
Negligent employees or contractors (48% of respondents) and third-party mistakes (41% of respondents) were the most common causes of these incidents. However, almost one-third of respondents say their companies could not determine what caused the incident.
Small companies offer a buffet of hacker options to exploit. Malware can hit any company and turn system computers into “stealth raiders” quietly hiding until they’re ready to attack.
Many times, they even use smaller company vendors to hack larger companies, as happened with Target a few years ago.
Some data is more lucrative than others for hackers. Medical records, for example, are used for years to cash in from filing fraudulent Medicare claims, and the information in them is difficult to change.
Credit cards on the black market may only be worth a buck because cards are flagged and canceled quickly. In contrast, medical records can be worth $1500 - $2000 on the street.
Boredom is one of the biggest security risks. Random moments checking personal email, favorite websites, and social media places a business in the path of a hacker.
Homeland Security ran a test to see how hard it would be for hackers to use employee and private contractors to gain access to the agency’s computer systems.
Thumb drives were dropped in parking lots and restrooms. Some devices had Homeland Security logos. Others were labeled “vacation pictures”.
The results revealed a whopping 60% of the randomly labeled thumb drives were “plugged” into their office computers. Of those labeled with the Homeland logo, 90% of the thumb drives were installed.
Education and training help prevent employees from making these potentially catastrophic mistakes. As a result of top-down support and encouragement, you can turn the weakest links in your organization into your greatest partners in cybersecurity protection.
If you’re considering managed IT services, Locknet Managed IT provides an affordable product for employee training on internet security. This training proves to be valuable to small business customers.
Cybersecurity is not convenient, as IT security specialists at EO Johnson will tell you. A holistic view of your full security posture, best practices, perimeter protection, and who’s watching your alerts (if you have an alert system) are all part of the big picture of your business’s security status.
Important common-sense questions need to be asked, including:
Although large corporations can better withstand major breaches, the story for small businesses does not always end as well. You’ve built a successful small business. You know the value of good planning. Cybersecurity needs to be part of your plan.