Do Small Businesses Need Cyber Security?

PublisherSol Minion Developmenthttps: Small Business data security

"Hackers don’t target small business."

"I have insurance."

"I use anti-virus software."

"My IT guy handles that."

Small business owners set themselves up for unnecessary risks when they buy into these myths. The facts are that hackers do target small businesses, having the right insurance MAY help, and that software and IT staff can’t do enough to protect your business and your customers. And that all adds up to the conclusion that yes, small businesses do need cyber security.

Cyber Attacks and Small Business By The Numbers

Many small business owners believe the myth that small businesses aren’t the target of sophisticated cyber attacks. Here are some stats that might get you thinking otherwise. (source, source, source).

What Are The Top 4 Cybersecurity Threats Facing Small Businesses?

There are several aspects to cybersecurity threats. First, there are a few common methods of attack, including social engineering, phishing, malware, etc. Then, there are threats that target a lack of preparedness. In our experience, we see the following as the overall four greatest threats facing small businesses when it comes to cybersecurity:

  1. Lack of Training: Humans are the cause of 100% of successful cyber attacks. That may sound harsh, but the truth is all points of vulnerability can be traced back to a human mistake, whether it’s defending against a phishing attack, reporting a discovered breach, or properly securing and configuring hardware. And training is the key to stopping this threat.
  2. Social Engineering: Hackers are getting smart when it comes to getting humans to give up sensitive information, including usernames and passwords, financial information, and personal information that can be used to launch an assault once that information is known.
  3. Web Applications: A web application is built upon a software stack that requires regular updates and upgrades. From the hardware server all the way to user permissions and access, there are many threats to business software, and hackers will try them all.
  4. Malware: The type of malware that is getting the most press is Ransomware, but there are many kinds of malware. Hackers are getting better and better at tricking employees into installing this malware on the company’s network, including clicking an email link or sticking in an infected thumb drive into the USB slot (imagine finding one with an enticing label like, “2022 PowerBall Numbers [TOP SECRET]”).

What About Cyber Insurance?

We hear two things when it comes to insurance. First, many business owners mistakenly believe their general liability insurance covers damages from cyber attacks. It does not. Second, many believe that their cyber insurance may cover the damage. It MAY not. Insurance companies lost billions of dollars last year due to cyber attacks. Now, they are being very diligent with claims. They use two tactics to avoid paying: limiting payouts and declaring “Failure to comply”, meaning they claimed the business was negligent in not putting proper cybersecurity plans in place or not following through on existing plans.

Did you know you may be required to disclose an attack to your insurance? It depends on your state and level of compliance, but something as simple as not reporting an incident could mean no claim.

Finally, let’s say your business is properly insured, and then you get hacked. Think of the damage done due to loss of intellectual property, to your reputation, and the PR nightmare that may ensue. Insurance won’t cover that.

How Can You Protect Your Business From Cyber Attacks?

If you’re like most small business owners, you don’t have people dedicated to cyber security. You likely don’t have other resources assigned to protect your business. Don’t worry, that’s both common and easy to fix.

Start here, with our Basic Security Principles. It’s a white paper with three steps you can take to secure your business. That’s a great first step. From there, we can help you put together a cybersecurity plan to monitor, detect, and respond to any attacks.

Download the white paper.

Basic Security Principles