2019 saw cyber security attacks accelerate including the WhatsApp hack that injected spyware onto consumer devices, the Facebook hack that publicly exposed over 500 million user records to the First American hack exposing over 900 million records. With all the news about these big hacks, news related to small business gets buried.
Unfortunately, small businesses are disproportionately targeted by cyber-criminals. Verizon Data Breach Investigations Report states that 43% of cyber attacks involved small businesses, which is up over 15% year over year. According to Accenture, more than half of all SMBs incurred a data breach in the past year. What’s worse is 60% of those SMBs that experienced a data breach will go out of business within six months.
Small businesses are attempting to fend off an onslaught of cyber attacks such as DDoS attacks, phishing and ransomware. In fact, every 14 seconds there is a new ransomware attack in the US. Given all this, what’s a small business to do? This brings us to our three big trends in small business cyber security for 2020.
Cyber Security Training – Make Prevention Part of Culture
Most small businesses are keenly aware of phishing scams. You know the ones that show up in email posing as something legitimate, and when you click on them, they download a nasty virus. In fact, 91 percent of company breaches occur due to phishing.
Email security tools are struggling to keep up with all the new phishing methods. While these security tools are important it is even more important to train employees and hold them accountable. Your business may depend on the culture you create around security.
On average, just 3 in 10 employees receive training on cyber security annually. Human error is almost always at the root of phishing exposure, so good first step towards prevention starts with training. You need to teach good security habits and then reinforce them. Don’t treat cyber security as just an IT issue, make it part of your company’s culture.
Prepare for Sophisticated Attacks
Ransomware attacks are projected to increase; not slow down. At present, we’re seeing many more large scale – multi-vector attacks like WannaCry and NotPetya. These attacks take occur across multiple fronts including the network, mobile and cloud. Today, only 3% of the world is prepared to defend themselves from zero-day, multi-vector or polymorphic attacks.
Small businesses need to prepare themselves for this scary new reality. This means they need to up their defenses on all fronts and begin to use new technologies like autonomous security services and block-chain based protection solutions, which probably sounds as scary as the threat itself.
With over 3.5 million open cyber security positions and those actively employed quitting due to job stress the challenge seems overwhelming. This is why small businesses are engaging Managed Services Providers (MSPs) to help. You don’t have to go it alone – but you do have to prepare.
Learn more about CIT’s Cyber Security options.