[ad_1]
Life has never been easier for America’s nearly 32 million small businesses. According to the Small Business Administration, 20% of small business startups fail in their first year and half fail within five years. Bigger businesses always have more capital, better access to credit, and more staying power.
Lately, salvation has become more difficult for two reasons – one relatively obvious, and one less so. Strong demand amid tight supply and high inflation is the backdrop of the economy today, and big businesses have been holding their own because of their size, complexity, and strong supplier networks. It has been a tough road for small and medium-sized businesses, but it reflects the purchasing power of smaller supply chains and their ability to raise wages in a tight labor market.
This was predictable at the time, but today’s second minor business headache – the woes of cyber security – was not.
Because many SMBs don’t take cybersecurity seriously, they’re breaching more. Small businesses, like large companies, have accelerated their adoption of new digital technologies for remote work, production and sales. But although expanded computer networks have created new vulnerabilities for phishing and ransomware attacks, they have not been followed by significant cybersecurity costs.
As a result, the risk of cyberattacks for SMBs—already higher than the risk for large companies—has grown significantly over the past two years. In the year Data breaches against small businesses worldwide will increase 152 percent in 2020 and 2021 compared to the previous two years, according to RiskRecon, a division of MasterCard that assesses companies’ cybersecurity risks. This figure is more than double that of large companies during the same period.
In addition, a 2021 study by IBM found that 52% of small businesses experienced a cyber attack last year – a figure that is likely due to the fact that there are more cyber attacks. Meanwhile, a recent survey by Chicago-based business services provider AppCity found that only 50% of US small businesses have a cybersecurity plan in place by 2022. I have a plan – a big deal.
Given today’s tough times, it’s no wonder that small businesses are more focused on day-to-day living. However, long-term survival may not be achievable without a respectable cybersecurity program. In fact, everything, after all, has become digital. All sensitive personal files are stored on computers today and bank and credit card accounts are available online, along with the financial information of companies large and small. It’s also important to remember that cybercriminals are hidden inside and outside the walls of companies.
All of this requires cyber protection, including trained cyber security personnel and some data recovery and business continuity planning. Unfortunately, too many small business owners still believe they are too small for cybercriminals to worry about, and don’t have enough information to prove a breach.
One important fact they may not realize is that cyberattacks on large companies are more likely to attract the attention of federal law enforcement—something no criminal wants. It’s also true that malicious actors know that the world’s biggest companies take cyber security seriously. So, rather than fighting an uphill battle, they are increasingly finding that it is better to target small businesses that are part of the supply chain knowing that their defenses are weak.
Another common misconception among small business owners is the financial reality of a cyber breach. Many still think that most of it is about quick damage and repair fees – the same as with other harmful accidents. In fact, far more than this falls on the general ledger, including ransomware payments, lost productivity, increased payroll hours, investigations, regulatory filings and recurring legal costs.
There is also the negative impact of bad publicity, in many cases the worst of all. Eighty percent of consumers will go out of business if they experience a data breach, according to the International Data Corporation.
Small businesses should look for ways to generously support cybersecurity and seriously plan and create security procedures. They must also adopt ways to better protect data and connected devices from cyberattacks, such as security procedures that are primarily about strategy, not finance.
In this vein, here are some tips:
Make safety part of your company culture. Studies have shown that the human factor accounts for more than 85% of breaches, including falling for phishing attacks or using passwords that can be easily cracked. These potential attacks can be reduced through extensive awareness programs that don’t stop at playbooks. They also weave safety into the organizational fabric, constantly reminding their employees to keep the organization safe.
Deploy and update anti-malware software. It’s good to have software that protects devices from viruses, spyware, ransomware, and phishing scams. Make sure it is updated regularly.
Strong passwords and two-factor authentication should be used. The easiest way to get into a business network is by guessing passwords. Many people use one password for multiple sites and accounts. All employees must have unique passwords for each of their accounts. Password managers are the best way to achieve this goal.
Backup data regularly. It is good to have multiple backups of company data. That way, if you fall victim to various cyber attacks, you’re not completely out in the cold.
Restrict employee access. It makes sense to segment and limit the employees to only the systems and data they need to access. If strict access controls are maintained, you will limit the damage any user can do to your network security.
At the very least, these and other similar measures will help reduce cyber stress throughout the business. According to a recent CNBC/SurveyMonkey Small Business Survey, which surveys more than 2,000 small business owners quarterly to track their perceptions of the business environment, four in 10 small business owners are concerned about a cyber attack in the next 12 months. Alleviating some of this stress is just as important as stopping the violence itself.
About the authorRobert Ackerman Jr. is the founder and managing director of AllegisCyber Capital, an early-stage cybersecurity venture capital firm based in Silicon Valley. He is also a co-founder and board director of DataTribe, a seed and early-stage startup based in Fulton, Md., that invests in young cybersecurity and data science companies.
Bob has been recognized as a Fortune 100 Cyber Security Executive as well as one of the “Cyber Security Money Men”. Previously, as an entrepreneur, Bob was president and CEO of Unisoft Systems, a leading UNIX systems home, and founder and chairman of InfoGear Technology Corporation, a pioneer in the early integration of Web and telephone technology.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
[ad_2]
Source link
