Small business owners take a relatively relaxed approach when considering their cybersecurity. However, this laid-back method of preventing cyber attacks can put them in a difficult situation. When asked about their cybersecurity efforts, most small businesses reported being unconcerned about a data breach, believing themselves an unlikely target for cyber criminals. Unfortunately, this casual attitude toward cyber threats is exactly what puts them at risk.
When companies don’t believe they are credible targets for cyber criminals, they are less likely to invest in cybersecurity software. Their limited defenses make them an easy target. While they may not possess as much sensitive data as a large company, even a few dozen credit cards can be a lucrative prize to a hacker.
Small Business Cybersecurity Facts
The following are some of the trending statistics regarding small businesses and cybersecurity:
- 84% of small business owners don’t feel at risk for a data breach
- 73% of small business owners don’t believe that have vulnerable customer data
- 73% of small businesses have some cybersecurity protocols in place; however, 64% manage their own IT
- 61% of cybersecurity incidents happen to small business
- 33% of small businesses invest in cyber liability insurance
What makes the above numbers so concerning is that even though small business owners are taking steps to protect themselves, they’re relying on their own know-how to do so. Most small business owners wear many hats during the startup phase, meaning they are the accountant, the marketing manager, the cybersecurity specialist, and more.
When spread that thin, there is no way to perform each job to the fullest. Something has to give, and, unless the owner has a background in IT, cybersecurity is not likely to be their strong suit. Compounding the problem, the majority of small businesses neglect to invest in cybersecurity insurance. Inadequate security measures combined with unacceptable exposure to risk can lead to financial crises that small businesses can’t withstand.
How to Protect Small Businesses from Hackers
Small business owners can take several steps to protect their enterprise from cyber attacks. Some recommendations include:
- Implementing and updating security software often.
- Only using secure point-of-sale (POS) systems
- Providing employee training on how to recognize spam, malware, and phishing scams
- Employing an IT expert
- Purchasing cybersecurity insurance
While most of the above points focus on prevention, businesses have to formulate a plan for dealing with a successful cybersecurity breach. This means investing in cybersecurity insurance that suits their risk profile. The Reilly Group understands that no insurance policy is one-size-fits-all. Contact us to learn more about how we can help protect your small business.
Cybersecurity has been making headlines due to a number of significant data breaches. Yahoo, Target, and Equifax are just some of the biggest successful hacks to gain attention. Most data breaches are the result of human or process errors. The top five causes are:
- Lost or stolen paperwork
- Posting or sending data to the wrong individual
- Emailing data to the wrong individual
- Insecure website (i.e. hacking)
- Lost or stolen unencrypted device
How Hackers Obtain Passwords
By now, most businesses know their employees need to use strong passwords including a mix of uppercase letters, lowercase letters, numbers, and symbols. Some even go so far as to implement a rule requiring employees to change their password every few months. However, even the strongest of passwords are vulnerable in traditional practices.
Adding a layer of difficulty to password strength is an employee’s propensity to reuse it. An employee may believe he or she has a strong password and thus reuses it with simple alterations. This is a problem if a hacker learns the basic password. The cybercriminal can brute force their way into several applications by adding 1s, !s, and other common password variations. To help employees manage their passwords, some companies are utilizing password storage software that encrypts the passwords while giving access to the employee.
Two factor or multi-factor authentication (2FA/MFA) can help cut down on hacker success since they rely on two or more separate methods of confirming an individual’s identity. The most common methods are inputting a password in combination with a code texted or emailed to a separate account. Some companies go so far as to implement biometrics (i.e. fingerprint logins) or single sign on (SSO) systems. SSO systems allow a user to login to several applications with a single login. This makes tracking unusual activity simple and allows companies to monitor accounts better.
Employee education is the best first line of defense against data breaches. Many employees are unaware that their password is weak or that their login is vulnerable. After bringing employees up to speed on modern cybersecurity, businesses need to invest in quality cybersecurity personnel and insurance. The specialists can help keep the hackers out while the insurance can help manage the aftermath should a breach occur. To learn more about protecting your business from cyber risk, contact the experts at The Reilly Company.
When forecasting the next five years, cybersecurity specialists produced some bleak statistics. Cybercrime is on the rise, and it is not showing any signs of slowing down. With cybersecurity technology struggling to keep up with high-tech crimes, the industry is bracing for what is to come. The following are the top predictions for cybersecurity in the near future.
When Cybercrime Pays
Experts believe cybercrime expenses will skyrocket to $6 trillion per year by 2021, doubling the damages reported in 2015. To put this number into perspective, cyber criminals will make more money than the entire worldwide trade of all major illegal drugs put together. This number is not the prediction of one fearmongering individual, either. The cybersecurity community at large agrees that significant damages are imminent.
Cybersecurity Jobs Vacancies
Part of the ongoing problem with cybercrime is the lack of cybersecurity specialists. Experts predict this problem will not only continue but proliferate as well. In fact, the cybersecurity workforce shortage will triple, leaving 3.5 million jobs unfilled. Because of this shortage of skilled personnel, businesses are turning to their existing IT employees to bridge the gap. Employers are recruiting anyone who works in IT or deals with technology (e.g. app developers) to defend sensitive data, programs, devices, and more.
Blood is Thicker than Silicon
The percentage of the human population connected to the internet is growing at a rapid rate. In 2015, there were 2 billion internet users; that number is now up to 3.8 billion. That is just over half of the entire world population. By 2022, experts expect that number to increase to 75%. This is significant because cyber criminals are shifting their gaze from machines to humans.
Businesses employ a variety of tactics to contend with cyber criminals, but it is not always clear which methods are the most effective. Understanding your business’ specific risks and applying cybersecurity measures is difficult, but The Reilly Company can help. We pride ourselves on uncovering cyber liability risks and implementing solutions to resolve them. To learn more, contact us today.