Recently, I attended a Cyber-Security Summit organized by the Arizona Technology Council. After attending many of these events in the past few years and through conversations at the many events I’ve attended, it’s clear this is still an important topic of education for small businesses. I’ll try to cover, not just the reasons for concern (hopefully without scaring anyone into giving up their smart phone entirely), but also some tips on how to prepare your small business for the ever-changing cyber-security threats.
During one of the six panel discussions last week, it was reiterated (at least to me) that small businesses are remain common targets and many aren’t prepared or are unconcerned about cyber-security. Since the Target hack, number of unconcerned has dwindled, but many are still unprepared because of cost or just not knowing where to find solutions.
Fact: Companies with 10,000 or fewer customer records are more likely to be targeted.
The “bad guys” - so-called black hat hackers or cyber-criminals - know that many small businesses lack access to the sophisticated solutions of larger enterprises simply because they are cost-prohibitive. These cyber-criminals are, just like any other criminal, very opportunistic and look for low-hanging fruit. Small businesses, more often than not, represent a virtual buffet of personally identifying information (PII) that can be used for identity theft. Whether small businesses are prepared or not, they are a target and a very large part of the economy.
Fact: Most small businesses are out of business within 6 months suffering a cyber-security incident.
Bitdefender recently surveyed 250 small businesses over a period of 3 months to find out more about the impact of cyber-security threats and the financial impact on small business. We’ve talked about the importance of security in this blog previously, but haven’t touched as much of the very real financial impact of a breach (though we have covered it in the context of HIPAA security on our Compliance Clinic site). These costs range from monetary (fines, notification expenses, and other penalties) to the intangible (cost of reputation and lost business). These often put small businesses out of business.
This week, we've outlined some of the reasons why cyber-security is important to small businesses. In the next two parts of these guide, we'll provide you with some ways to secure your Web site and prepare your employees.