July 10, 2019 CYBER SECURITY, SMBS

Small Businesses & Cybersecurity

For smaller businesses, it can be difficult to justify the cost of spending money on cybersecurity.  Long has cybersecurity been perceived as an element which, on the surface, seems to have little to no return.  These companies clearly have limited financial resources when compared to their enterprise counterparts. Truly, ignoring cybersecurity can be quite detrimental to any business.  Regardless of size.  And the numbers are less favorable for small ones. 60% go out of business within 6 months of a cyberattack.

We need to move past the belief that a company is too small to be worried about a cyberattack. This misconception has been used all too often to justify cutting cybersecurity out of an IT budget. Or even considering it all together.  A point which hasn’t been without consequence. Verizon’s 2019 Data Breach Investigations Report (DBIR) found that 43% of breaches involved small business victims.

Simply put, hackers target small companies.

Hackers don’t necessarily target specific small companies.  Instead, they release an exploit, malware, etc. into the “wild” in the hopes that something sticks. And very often, it does.

Small companies often lack the security personnel to support their organization.  In fact, 56% have no cybersecurity specific experts. More than a third don’t even have network protection in place. And 31% do without email security.  Email being the preferred delivery method for malware (email attachments were the top malware action vector in Verizon’s 2019 DBIR).

So where do we go from here?

There needs to be an understanding that a cyberattack is imminent.  That even small companies need to take the necessary steps to mitigate such an incident. And hopefully, avoid a compromise all together.

That means implementing cybersecurity solutions.  Creating incident response plans.  Training employees to be aware of tactics hackers use to gain access to a network. For instance, educating employees how to spot phishing emails.  Then having them report those emails.  Not only do these steps make them active participants in protecting your company, they help create a culture of cybersecurity.

For more information on how to protect your network against cyber threats, download our white paper.