The Surprising Truth About Cyber Security for Small Businesses
by Tim Taylor | Apr 11, 2018 | Business Insurance, Cyber Security
It’s not uncommon to hear about large cyber attacks on high-profile companies like Target or Sears. For many organizations, hearing about these attacks has raised awareness about the potential threat of a cyber attack.
However, recent surveys by the Small Business Authority and the National Cybersecurity Alliance suggest that many small business owners operate under the false assumption they are safe from the threat of a cyber attack.
A common misconception is that hackers only target large organizations. The truth is, businesses of any size can be targeted. And when it comes down to it, small business are less likely to have the correct processes in place to protect themselves from a cyber threat.
Studies by the Small Business Authority indicate that many small businesses are grossly underprepared to prevent and/or diffuse a cyber threat. For example:
- Less than 50% of small businesses have cyber security measures in place
- Of the 50% of businesses with cyber security measures, a majority of the protections are rudimentary at best
- Only 25% of small business owners have had an outside source test their computer systems to ensure they’re hacker-proof
- 40% of small businesses do not have their data backed up in more than one location
Small Doesn’t Equal Safe
More often than not, small business owners believe they are not at risk for cyber threats. In fact, despite wide-spread cyber attacks in recent years, 85% of small business owners believe their business is safe from hackers, viruses, malware, or a data breach.
Although many business owners mistakenly believe hackers would prefer to target large organizations, this is entirely untrue. A cyber attack can affect any organization of any size at any time if the appropriate protective measures are not taken. In fact, a study by Symantec found that 40% of cyber attacks are against organizations with fewer than 500 employees.
The Effect of a Cyber Attack on Your Bottomline
The fact of the matter is that a cyber attack can have devastating consequences for your organization. According to Kaspersky Lab, the average cost of a cyber attack to a small-to-medium-sized business is +$200,000. This same study found that 60% of businesses that experienced a cyber attack closed permanently within six months of the attack.
The unfortunate truth is that a majority of these attacks could have been prevented with the appropriate precautions in place.
10 Steps You Can Take Today to Prevent Cyber Attacks
Even if you don’t have the resources to overhaul your cybersecurity measures, there are many steps you can take to increase your security. Here are ten steps you can take today to lower your risk of a cyber attack:
- Train employees in basic cybersecurity principles.
- Install and regularly update antivirus and antispyware software on every computer used at your business.
- Use a firewall for your internet connection.
- Download and install software updates for your operating systems as soon as they become available.
- Make backup copies of important business data and information.
- Control physical access to your computers and network components.
- Secure your Wi-Fi networks. If your workplace has a Wi-Fi network, make sure it is secure and hidden.
- Require individual user accounts for each employee.
- Limit employee access to data and information and limit authority to install software.
- Regularly change your passwords, and make it mandatory for all employees to change their password every three months.
Cyber Security Key Takeaways
- Any size business can be affected by a cyber attack
- Most small business owners do not have the appropriate procedures and precautions in place to protect their business from cyber threats
- A cybersecurity attack can have a detrimental financial impact on your business
- There are small steps you can take today to reduce your risk of falling victim to a costly cyber attack