Do you think cybercriminals are too busy targeting Capital One, Citrix and Facebook to take care of your small business? Think again.
Some 76% of cyberattacks affect companies with less than 100 employees. Cybercriminals know that small businesses tend to be easy targets and that access to small business computer networks often also gives them access to customer and supplier networks.
While digital transformation offers many benefits, it also comes with many challenges. For example, investing in technology also increases cybersecurity risks. Artificial intelligence and machine learning are known to potentially increase the attack surface for hackers, while big data and the cloud contain a lot of information, which can pose considerable risk in the wrong hands.
For a small business, the cost of a data breach can be devastating. An average cyberattack costs small businesses an average of $3,533 per employee. It takes an average of 206 days to identify a risk and an additional 73 days to contain it.
No wonder nearly 60% of businesses go bankrupt within six months of a cyberattack.
The stakes are high. Fortunately, there are steps you can take to prevent a cyberattack. My recent discussions with CEOs remind me that this is a very concerning risk.
The FBI reports that cybercrime cases have increased by 300% since the start of the coronavirus pandemic. The Bureau’s Internet Crime Complaint Center (IC3) receives between 3,000 and 4,000 cybersecurity complaints per day, compared to an average of 1,000 per day before the pandemic.
As America’s day-to-day activities increasingly move online due to stay-at-home orders, opportunities for cybercriminals have increased due to:
- Employees, new to remote work, who were unaware of basic security measures.
- Companies that struggle to keep systems accessible from the outside secure.
- Lack of social and professional interactions.
There are ongoing uncertainties, including:
- Supply chains (PPE and basic necessities).
- Online orders and payments.
- Medical help and COVID-19 test.
- High unemployment.
- Fears and other factors.
What puts your business at risk? The answers might surprise you. The five biggest cybersecurity risks for small businesses are:
- Human capital risk: Hackers target employees, which is why you need strong IT security personnel. Inform your employees of your security requirements.
- Risks of cyber threats: These include phishing and social engineering (tricks used by cybercriminals to trick people into doing things they don’t want to do); clickjacking (a technique used by cybercriminals to conceal malware and other threats under the content of legitimate sites); botnets (a network of hacked computers and devices infected with malware that is remotely controlled by a hacker to send spam and launch DoS attacks; fileless attacks (malicious software that does not drop a file onto your disk, but can infect your computer, steal your data, etc.); and Denial of Service (DoS) attacks designed to disable, shut down, or disrupt a network, website, or service).
- Data risk: Exposure to loss of value or reputation caused by problems with or limitations in an organization’s ability to acquire, store, transform, move and use its data assets.
- Infrastructure risk: Potential losses due to failures in the protection of data assets and critical business applications. It’s essential to ensure that technologies, such as mobile devices, cloud, social networks and “Internet of Things” (think of everything from your Ring doorbell to your smart thermostat) are safe to use on the premises of work.
- Operational risk: Protection against data breaches and other cybersecurity threats.
You need to keep up with top cybersecurity trends to understand the latest developments and current threats. This intelligence is key to improving your cybersecurity strategy and response plan. In addition, invest in employee training, improve your computer systems, keep your software up to date, fix all security vulnerabilities and have an effective security policy.
Cyber threats have become more sophisticated every year. Next week, I’ll suggest what you should watch out for to protect your small business from these risks.
Dean Swanson is a SCORE Certified Volunteer Mentor and past SCORE Chapter President, District Director and Regional Vice President for the North West Region.