Posted by: Heather Shy on July 13, 2018 at 8:00 am
SMB cybersecurity – how important is it really? Does a small business really need to worry about data breaches and ransomware and strong passwords?
We’ve mentioned before how “too small to be a target” doesn’t apply anymore. Small businesses still have valuable and private data that must be secured, yet are more likely to skip basic cybersecurity measures due to limited staff and budget.
With that in mind, the Ponemon Institute conducted a survey last year to track how smaller companies are addressing these threats.
The report outlines the top 10 trends in SMB cybersecurity. While some of these statistics will be eye-opening, others will surprise no one who has any awareness of the cybersecurity challenges SMBs face.
- Cyber attacks are going up. Among these, phishing and web-based attacks lead the way. In addition, these attacks are not only becoming more common, but also more targeted and sophisticated, with more dangerous outcomes.
- Ransomware is huge, and growing. In 2016, only two percent of SMBs surveyed had been through a cyberattack referred to it as ransomware. By 2017, that number had grown to more than half (52%).
- Data breaches are terrifyingly common and compromise more records. 54% of businesses responded that they had suffered a data breach, with the average breach affecting 9,350 records.
- Humans are the weak link – maybe. Negligent employees are blamed for 54 percent of SMB data breaches. Almost 1/3 of the companies breached, however, could not determine the leak source.
- The Internet of Things makes people nervous. Perhaps rightly so. More than once, unsecured internet-connected devices have been herded into mass attacks that have shut down vast swaths of the internet. Only 29 percent of SMBs surveyed felt confident in their ability to secure IoT devices.
- More security layers needed. Malware and viruses are getting past intrusion detection systems (66%) and anti-virus (81%) at alarming rates.
- We need to get better about passwords. Most businesses (59%) cannot track employee password usage, impose strong password requirements, or forbid password sharing.
- We need to get better about passwords, part 2. Even among businesses that have password policies, lack of enforcement is a problem. One bright spot is that more SMBs require staff to secure mobile devices with passwords or biometrics.
- Good SMB cybersecurity costs money. Sorry, folks; it’s a hard truth. The good news is that a managed security service provider can step in and handle network monitoring, managed firewalls and intrusion protection, and other security items.
- Bad SMB cybersecurity also costs money. The average cost of lost productivity for a security breach is now over $1 million dollars. (Cue villain voice.) Can you afford a million dollars in lost productivity? Then you can’t afford a cybersecurity breach.
Where are the holes in your business’s cybersecurity practices? What do you need to do next to secure your business? If you aren’t sure, contact us today.