A recent survey of 2,000 small businesses from across the country, in a variety of industries, shows just 2 percent of small-business owners view the threat of a cyberattack as the most critical issue they face.
(Taxes and cost of employee healthcare ranked as most top-of-mind.)
While those concerns make sense, security experts know that this “lack of focus” is exactly why hackers are putting their “focus” on small business. According to the 2016 State of SMB Cybersecurity Report, hackers have breached half of the 28 million small businesses in the United States.
Negligent employees or contractors (48% of respondents) and third-party mistakes (41% of respondents) were the most common causes of these incidents. However, almost one-third of respondents say their companies could not determine what caused the incident.
Why small business? “We’re just the little guys!”
Small companies offer a buffet of hacker options to exploit. Malware can hit any company and turn system computers into “stealth raiders” quietly hiding until they’re ready to attack. Many times, they even use smaller company vendors to hack larger companies, as happened with Target a few years ago.
Some data is more lucrative than others for hackers. Medical records, for example, can be used for years to cash in from filing fraudulent Medicare claims, and the information in them is difficult to change. While credit cards on the black market may only be worth a buck because cards are flagged and can be cancelled so quickly—medical records can be worth $1500 - $2000 on the street.
Would your employees pass this test?
Boredom is one of the biggest security risks. Random moments of the day checking personal email, favorite websites and social media can place a business in the crosshairs of a hacker. Homeland Security ran a test to see how hard it would be for hackers to use employee and private contractors to gain access to the agency’s computer systems.
Thumb drives were dropped in parking lots and restrooms. Some devices had Homeland Security logos. Others were labeled “vacation pictures”. Human curiosity won the day! A whopping 60% of the random labeled thumb drives were “plugged” into their office computers. Of those labeled with the Homeland logo, 90% of the thumb drives were installed.
Education and training can help prevent employees from making these potentially catastrophic mistakes. With top down support and encouragement, you can turn the weakest links in your organization to your greatest partners in cybersecurity protection.
If you’re considering managed IT services, Locknet® has an affordable product for employee training on internet security that has proven to be quite valuable to small business customers.
Affordable managed IT services can be a huge stress reliever.
Cybersecurity is not convenient, as IT security specialists at EO Johnson will tell you. A wholistic view of your full security posture, best practices, perimeter protection and who’s watching your alerts (if you have an alert system) are all part of taking in the big picture of your business’ security status.
Important common-sense questions need to be asked, including:
- What kind of data do you have? (Some data is a bigger target than others.)
- Does everybody in your organization need internet access?
- What’s the base configuration of your computers? Do they have DVD burners and multiple USB ports? (Makes hacking easier.)
- Are employees plugging phones into USB ports on their computers to charge phones? (Unless you have software to prevent the phone from synching with the PC, you’ve just created a potential hacking hazard.)
- What protective measures have been in place and how do you know if they are fully being utilized?
Although, large corporations can better withstand major breaches, the story for small business does not always end as well. You’ve built a successful small business. You know the value of good planning. Cybersecurity needs to be part of your plan. Take advantage of the “free” guide EO Johnson is providing below.
Cybersecurity for small business can touch all aspects of the owner's livelihood and life. Download our FREE guide: 7 Security Leadership Questions Small Business Owners Should Be Asking About Cybersecurity and take the important steps for your security.