Cybersecurity Essentials for Small Businesses: Understanding and Mitigating Risks

ATECHSO, February 21, 2024

Cyber Security & Breaches

Why a comprehensive cybersecurity strategy is important to your business. 

Here’s an alarming statistic for small business owners: 65% of cyber-attacks are aimed at small to medium businesses.

If you’re a small business owner, you’re aware that your company may be vulnerable to attacks from hackers. Even if they haven’t found a way to break into your system yet, you can be sure someone is trying in order to steal your precious data. Hackers enjoy a challenge, to a point. If they can’t crack your system the first time, it’s more than likely that they’ll keep trying. If they can’t get in, they’ll eventually go away, but that doesn’t mean they won’t be back.

There is a good chance a hacker is watching your business right now and even a chance someone has already breached your security. According to one study, it takes an average of six months for businesses to realize that they have been, or are being, hacked. It then takes up to 55 days to confront and suppress the attack. By that time, it’s too late; the damage has been done.

Why do hackers target small businesses? Some of the reasons are obvious and some may surprise you. Here are 6 reasons why small businesses get hacked:

1. Under the Radar

Not every hacker wants to be famous. Most don’t care about having their conquests splashed all over the news. Many hackers attack small to medium businesses because those groups are less likely to report security breaches. The first reason for not reporting a breach is that the damage to their reputation can be much more expensive than the temporary loss of revenue, or the price of the ransom they’ll pay to retrieve their data. The second reason is that law enforcement agencies are not cybersecurity experts and can’t do very much to go after the hackers.

2. Complacency

Businesses go through cycles – some good, some bad. Hopefully, those cycles all contribute to company growth. While planning budgets, new hires, and equipment purchases for that growth, most business owners choose not to invest as much in their IT. Frequently, the security updates and backup (BDR) hardware needed to protect that growth eventually reach their end of life, leaving you vulnerable to attacks. Your old security software probably won’t be good enough to carry you safely into the future. Sure, it got you to where you are now, but it’s not recommended to rely on it just because it’s been “good enough” up to now. Hackers specifically watch for things that have reached end of life or are out of warranty because those items are likely not getting the latest security patches.

3. Smaller Budget for Security

It’s no secret that sometimes budgets get shifted around and you may not be able to allocate enough for security, especially during growth phases. An alarming 90% of small businesses admit to operating occasionally with no security system in place at all: no virus protection, no firewalls, no spam filters, and no backup systems. The unfortunate part is that not budgeting for security may land you in a place where you won’t budget for anything at all: out of business.

4. Lack of Proper Employee Training

Here’s an alarming statistic for you: up to 95% of ALL cybersecurity breaches that hit small businesses are due to human error. You try to stay on top of cybersecurity training for your staff, but people come and go all the time. Training is bound to be on the back burner. Sometimes breaches happen because people don’t follow simple procedures correctly, like password hygiene. Train employees on things like how to create a password. Explain to them why they should never write down a password and leave it posted on their computer. Since over 92% of all malware is delivered via email, coach your staff not to open unknown attachments or hastily click on links.

5. Usually Quicker to Pay the Ransom

One study showed that 53% of small businesses will pay the ransom to hackers upon contact with them. This happens when the business doesn’t have a strong backup system or a strong IT team on its side. They believe paying will get them back up and running sooner. Paying the ransom is no guarantee that you’ll get your data back. After all, these are criminals you’re dealing with. Plus, when you pay a hacker, you’re encouraging them to continue asking for more ransom money or attacking other businesses like yours.

6. You’ve Been Hacked Before

Hackers are like sharks; they can smell blood in the water from miles away. Once word gets out that you paid the ransom, you’ll have hackers lined up around the block. Like a lot of criminals, hackers are looking for the path of least resistance. When they realize you’re an easy target, you’d better prepare yourself for all kinds of cyberattacks.

What Should You Do?

It takes work to develop a comprehensive cybersecurity strategy. On top of that, you need to train your employees on what to look out for and maintain regular data backups. All these things and more are necessary in today’s cyber landscape. Almost every day news breaks about companies getting hacked. Big corporations like Apple, Amazon, Target, and Facebook can afford the best security available, yet they still get hacked. Some organizations can and will pay millions in ransom. For most others, a breach may result in closing down. Make cybersecurity a priority for your business and you’ll increase your chances of staying off a hacker’s watchlist.
