Damages from cybercrime will cost $6 trillion by 2021. It’s a statistic from Cybersecurity Ventures that can’t be ignored and it’s the biggest threat facing businesses today, with reports indicating that more than 50 percent of IT decision makers are flagging phishing attacks as a top security threat. This year alone, ransomware will hit a new organization every 14 seconds.
Then, there’s the data breaches. With large enterprises like Equifax, Facebook, Marriott, and Under Armour experiencing mega security incidents and exposure of sensitive information, data breaches have become an unavoidable part of our interconnected world. However, hackers and cybercriminals are turning their attention to smaller businesses, which are just as susceptible to these crimes as enterprises.
According to Ponemon’s study 2018 State of Cybersecurity in Small and Medium-Size Businesses, 67 percent of Small and Mid-sized Businesses (SMBs) have experienced a cyberattack. Unlike big corporations that have the resources to invest in robust cybersecurity, smaller organizations are often limited when it comes to digital defense. And, despite having less data to manage than their larger counterparts, it’s no less valuable to cybercriminals.
The Perfect Data Breach Storm
The same sophisticated attack methods that cybercriminals use to bombard corporations can overwhelm SMBs, who often lack sufficient security infrastructure, expertise, operational support, or budget to combat vulnerabilities. Mobile devices have become a gateway to data breaches and cyberattacks. Whether company-issued or employee-owned devices, fraudsters are increasingly using these endpoints to infiltrate company networks. Verizon’s Mobile Security Index 2019 showed that 88 percent of businesses with fewer than 500 employees believe the risks associated with mobile devices are serious and growing.
SMBs are typically very limited on the time, resources, or experience available within their company to properly train employees on cyber threats and security best practices. Employee error or negligence causes 40 percent of data breaches, as reported by Shred-it. Whether it’s an employee clicking on a phishing email, misjudging the realness of a sender and therefore divulging sensitive information, or having their cell phone “taken over” where sensitive company information resides, these mistakes can lead to serious hacks or breaches. Exposed or compromised information can be used to commit personal or business identity theft, or be sold on the Dark Web to criminals who will perpetuate a cycle of endless fraud, which could result in an SMB having to close its doors.
How SMBs can Mitigate Risk
The numbers are out there — and the costs are significant: The 2018 Cost of a Data Breach Study by Ponemon Institute found that even a breach of less than 10,000 records costs an average of $2.1 million. When the data breach hits this close to home for an SMB, it can wreak havoc on the business from losing customers who feel betrayed, to lost opportunities from a tainted reputation. The recovery process can take years — and that may be time a small business just doesn’t have.
So what do you need in your protection arsenal? Security awareness and education is a solid place to start. It’s critical for small businesses to get familiar with identifying common scams generated through emails, suspicious attachments, and robocalls. Once you know what to look for, put together a formal training program and equip your employees with the knowledge to help protect the company from today’s cybercriminals so that they can’t interfere with tomorrow’s business operations.
For what you can’t do on your own, make smart investments toward protecting your business data. There are many cost-effective options to help reduce the fallout of a data breach, including cyber and data breach insurance, identity theft protection for your business, employees and customers, and mobile cybersecurity solutions that provide visibility into threats on mobile devices for both your employees and your company. Building a comprehensive strategy with the right support and services can alert you to a security incident before it turns into a full-blown data breach, and help you recover if the worst were to occur.
Don’t have a false sense of security. Get the protection your SMB deserves and take the time to safeguard your employees, customers, partners — essentially all those driving your business — today. Cybercriminals are pushing the limit to how they get to your sensitive and confidential information — so should you.
Rich Scott is Chief Commercial Officer of EZShield + IdentityForce.