Are small businesses under increasing risk of cyber-attacks?

cyberWhen it comes to cyber-security, high-visibility data breaches get all the press, which is understandable.

But small businesses are also victims of cyber-attacks.  And sometimes those events can be financially devastating.

Now a newly published survey quantifies the extent to which small businesses are at risk.  The National Small Business Association polled nearly 850 U.S. small business owners (most with annual revenues between $500,000 and $25 million) in August 2013).  The NSBA survey found that nearly 45% of the respondents’ businesses had been the victim of cyber attacks such as malware, spyware or banking Trojans.

The average cost of these cyber attacks was reportedly nearly $9,000 – with some dollar amounts going much higher.

Separately, another study shows that a record number of cyber attacks targeted small businesses in 2012.  Verizon’s Data Breach Investigations Report examined 855 data breaches and found that over 70% of them involved victim companies with fewer than 100 employees.

Verizon’s 2013 report is showing a continuing increase in cyber attacks on small business, meaning that 2012 was no fluke.

What’s going on here?

According to the Verizon study’s conclusions as well as comments from security experts like Vikas Bhatia, small and medium-sized businesses could be doing a better job of “offensive defense.”

Among the mistakes commonly observed in small businesses are these:

  • Lack of conducting regular backups of business data
  • Neglecting to store backed up data offsite
  • Failing to test data restore functions on a periodic basis
  • Neglecting to keep antivirus software up to date, including software patches and updates
  • Practicing sloppy password protection behaviors (using plain-language passwords … using identical passwords across multiple accounts, etc.)
  • Not understanding cloud-based data storage and what outsourced providers’ liabilities are (and are not) for protecting data

There’s no question that cyber-security continues to be a big challenge – and probably a growing one – for many companies.

But it’s also pretty evident that many businesses could be doing more to protect themselves from the heartburn (and financial fallout) along the way.

One thought on “Are small businesses under increasing risk of cyber-attacks?

  1. I suppose the question needs to be asked: Is it possible for any online retailer to guarantee that its online transactions are secure?

    And if not, what are the long-term consequences for companies and consumers? Could credit card issuers eventually decide they can no longer absorb massive losses due to website hacking? Might they then decide that card holders will have to pay for any unauthorized use? And what would that mean for online commerce?

    After the Richard Snowden revelations, we heard that some diplomatic corps have decided to abandon (some) electronic communications for security reasons. They’ve gone back to paper, ink, and diplomatic pouches.

    If governments are now skeptical of their sophisticated online security measures in the face of equally sophisticated hackers, you have to wonder if banks and card issuers might soon draw similar conclusions and react accordingly.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s