As technology is continuously growing and advancing, the potential for an attack or breach on this technology is as well. Most people think only the government and large corporations must worry about cybersecurity breaches, but this is incorrect! According to the Department of Homeland Security in 2018, 40% of cyber-attacks target businesses with fewer than 500 employees. Computer crime is now the #1 criminal moneymaker, so the risk is certainly there for all companies, no matter big or small!
What Types of Breaches are Possible?
These breaches can range from man-in-the-middle schemes to classic malware and phishing attacks. Most of the time, cybercriminals target items that will provide financial gains such as banking records or credit card numbers. However, personal records are becoming a growing concern. A common tactic is for a cybercriminal to trick an employee into providing their credentials. After gaining access with these credentials, they “pivot” to whatever the target is (such as financial information or personal records).
How Much Could Cyber-Attacks Cost A Business?
There is not a guaranteed or defined amount that attackers can steal. At a minimum, a small retail establishment or seasonal business might lose $38,000-$55,000 due to a single attack. This number includes the loss of productivity, the cost to remediate, and other expenses. That number also does not include the payment of damages to the victims, regulatory fines, and legal fees, which can reach millions.
Do Hackers Target Small Businesses?
We have noted that smaller businesses have been getting targeted in cyber-attacks more so than in recent years. Criminals consider small and mid-size businesses to be softer targets than large companies. Smaller companies are viewed as easier targets because most do not have the resources to maintain full-time technology personnel or continuously update and monitor their security.
What Can You Do to Protect Yourself?
Due to the nature of new attacks and unknown threats being used in the wild every day, by nature, cybersecurity is a reactive process rather than a proactive one. With that said, however, there are some measures you can take to protect yourself as a business owner.
- Engage the assistance of security professionals. It cost less to harden your system than to recover from an attack.
- Install proper firewalls.
- Keep your security software up to date.
- Provide employee access to sensitive information only on a need-to-know basis.
- Train employees in proper security procedures and how to spot a phishing, spam, and illegitimate email.
- Encrypt all data.
- Do not permit plugging in unauthorized devices into office computers.
- Limit internet access on your computer systems.
- When replacing computers and other electronic devices, make sure to clean all hard drives of information completely.
Unfortunately, if you have suffered a security breach, the only steps are to pick up the pieces, pay for damages, remediation, and research how the breach occurred. Researching will help in preventing the same breach from happening again. Although no system is impenetrable, if you take the right precautions, your risk is significantly limited. Another precaution to strongly consider is to purchase Cyber Insurance, so the risk and impact of a potential breach are lessened considerably. Call Avery Hall Insurance today to get a no obligation quote for cyber liability insurance.