If you have a bank account or a credit card, chances are you’ve been made aware of a hack or a data breach. Big organizations are more frequently being breached, forcing them to run damage control for the often millions of customers affected. News coverage often bashes these big organizations, but what about smaller ones? The truth is, smaller businesses are breached just as often, with the consequences being just as severe.
When the news reports a data breach or large-scale cyberattack, the event in question is usually one that has targeted an astronomical number of people, or has created difficulties that are undeniably newsworthy. How often has the national news reported a breach in one of your local Mom and Pop shops, as compared to entities like Equifax or Capital One?
Obviously, it makes sense that these small-scale attacks don’t often hit the national news cycle… after all, the Equifax breach compromised the data of 40 percent of Americans. However, in the month of July 2019 alone, there were approximately 2.2 billion records leaked over an assortment of 27 different cyberattacks. That’s about a quarter of the world’s population - not accounting for overlap between the information accessed.
Now, you may be wondering, how do these major breaches influence your business? Well, I’d like you to consider how many employees (out of a total of 49,000) Capital One has dedicated to its cybersecurity and data theft prevention? While I don’t have the official number to give you, it’s a pretty safe bet that it’s more than the average small business in Northern Virginia and Washington DC.
As a result, a cybercriminal generally finds it much easier to access a small business’ network, and while the gains to be had are significantly smaller than they would be to hack into a global enterprise, many cybercriminals prefer to take the “larger amounts of smaller payouts” than the “more challenging single payout” option.
It’s no wonder, either...nearly 40 percent of small businesses ultimately pay up when faced with ransomware, and a single person’s personal information can be sold on the Dark Web for anywhere from $1 to a thousand times that… all depending on how much of their data was stolen. How many records like this do you keep on your customers and employees? It doesn’t take very many to make it worthwhile for a cybercriminal to steal them.
Chances are, if you were to be targeted right now by some kind of online threat, it would probably be more due to bad luck than it would be due to a concerted effort against you, specifically. Many of today’s biggest cyberthreats are the ones that can spread independently - things like phishing, malware, and trojans. Once a system is infected, the threat can spread via a network connection or an email.
While these threats have largely become obscured by the more newsworthy breaches, they are no less dangerous to a business.
Smaller organizations do have one considerable advantage over large enterprises, like the 49,000-employee Capital One: fewer employees means fewer points of entry for a cyberthreat. You need to be sure that each employee, each piece of technology, every access method, and too many other factors to list here are all properly secured. The smaller size of a small business makes this a much more manageable goal.
While this isn’t a one-size fits all list, a business of any size should use these practices as a least a starting point for their IT security. If you want more help in keeping your business secure, reach out to Computerware. An IT security audit and the right solutions are just a call to (703) 821-8200 away.