SMBs and Cyber Threats

SMBs and Cyber Threats

By |2019-01-17T16:19:50+00:00January 22nd, 2019|Information Security|

For those who own or operate a small to medium size business, cybersecurity may not be a top priority. Many SMB leaders mistakenly believe cyber criminals focus strictly on large public and private sector organizations. However recent stats indicate SMBs should be increasingly wary of potential cyber attacks. Research shows more than 70 percent of cyber attacks occur at businesses with fewer than 100 employees.

 

Cyber Attacks Are Costly

Cyber attacks on small and medium size businesses can have enormous financial repercussions. Industry experts estimate that more than 50 percent of cyber breaches have cost small businesses more than $500K in financial losses – considering lost customers, lost revenue and lost sales opportunities. Cyber attacks also cause interruptions in operations, affecting productivity, profitability and potential safety issues.

 

SMBs Are Easy Targets

There are a number of reasons why SMBs are attractive targets for cyber criminals. First of all, any business that does not make cybersecurity a priority or does not have the funds to do so, has a built-in vulnerability. Many SMBs believe their data is not valuable enough to hack. This type of thinking is equivalent to leaving a car unlocked with the keys in the ignition and trusting it won’t be stolen. Most small and medium size companies are targeted by cyber criminals with the intent of stealing employee or customer data, such as social security numbers or credit card information, which is quickly sold in the online black market. There are several vulnerabilities that make SMBs easy targets for cyber attacks:

  • Tight budgets and lack of funding for enhanced security measures.
  • Inadequate employee training on security policies.
  • Failure to implement strong password policies.
  • Unprotected networks.
  • Unprotected endpoints (e.g. mobile phones, laptops, all-in-one printer/fax machines and other IP-enabled devices).
  • Absence of strong IT security leadership and resources.
  • Failure to prioritize cybersecurity.

 

Cyber Attacks Take Many Forms

Most SMBs have entry points that bad actors attempt to infiltrate. Cyber threats are constantly evolving, but here are some of the most common:

  • Distributed Denial of Service (DDos) Attacks – a network is bombarded with a high number of requests, eventually overloading and shutting down.
  • Phishing Scams – a legitimate-looking email or website is used in an attempt to gain access to a device.
  • Ransomware Attacks – a device or network is infected with a malicious program that demands payment in order to return operations to normal.
  • Password Attacks – attempts are made to determine system or user credentials and then gain access.  
  • Advanced Persistent Threats (APTs) –  attacks are made over a long period of time until access to the network is eventually gained and then the malicious program remains in the network undetected and continually copying valuable data.

 

Cyberdefense Strategies

A significant step toward helping SMBs protect and defend against cyber attacks is to create awareness about the urgency of issue – it’s not a matter of if an attack will occur – it’s a matter of when. In addition to establishing, documenting and communicating a company cybersecurity policy, SMBs will need to allocate resources to support the plan. Failing to invest in cybersecurity is short sighted as prevention has been shown to be less costly than a cyber breach. The average financial impact of just one data breach for SMB is reported at $120K. In fact, the aftermath of a data breach can be so devastating for an SMB that 60 percent actually go out of business within 6 months of an attack.

For SMBs to establish robust security measures, there is no need to spend time or resources attempting to build a custom solution. For example, Attila’s GoSilent is an affordable off-the-shelf solution that offers Top Secret level security, data traffic filtering and captive portal isolation but also integrates seamlessly with operations, deploys quickly and does not require a team of specialists to set-up and configure. Learn more about how GoSilent’s next generation technology can lock-down your company’s network and protect its valuable data.