We dedicate ourselves to keeping business owners informed of risks regarding internet security. But unless a hacking or other such event occurs in your own life, you might find yourself wondering, “are small businesses really such a target for hackers? Wouldn’t they go after large companies?”
Well, yes, they do go after large companies as well. But the problem (for them) is that large companies often have entire IT departments and multiple layers of protection to overcome. It’s possible, but requires much more effort and hacking “expertise”. Smaller businesses, on the other hand, tend to take security a bit less seriously. Hackers know this, and many of them would prefer to go after the easier “jobs”.
But, it might still sound like a purely theoretical risk to some people. That’s why Ponemon researched the issue, and compiled relevant data within the State of Cybersecurity in Small and Mid-Sized Businesses in 2017. The report showed that a surprising 61 percent of small and mid-sized businesses experienced a cyber attack within the last year, and 54 percent of them suffered data breaches involving sensitive employee or customer data.
So, how did hackers get into these businesses’ networks? Just a few highlight from the report show:
- 48 percent of respondents reported phishing or social engineering attacks
- 43 percent suffered from web-based malware
- 54 percent identified an employee’s mistake as the cause of the invasion
Insufficient password policies. Password practices present another potential entry point for hackers. According to the report, 59 percent of business owners actually do not know what type of password practices their employees are using! Implementing a password procedure is so easy, that there’s no reason to overlook it.
Of course, the good news is that about 4 in 10 businesses were not targeted by an attack, or their defenses shot down the attack so efficiently that they were never aware of it. The key idea here is that it was probably their defensive position that saved the day! As we all know, it is easier to take a proactive approach to prevent a problem, than to clean up a mess later.
On that note, give us a call 888-RING-MY-TECH, and we can help you review your internet security protocol, implement a proper password procedure for employees, and more. In the best case scenario you will find that your procedures are top-notch, and receive reassurance that you’re doing a great job with internet security. But, let’s work together to be sure.