Oftentimes, as small-to-medium sized businesses, we may think cybersecurity threats don’t apply to us. “I’m not a big enough company for that. Who would want to hack me?” As it turns out, this may not actually be the case. Further, throughout COVID-19, we’re seeing trends of increasing attacks towards SMBs.
Here’s what you need to know to mitigate your cybersecurity risk as a small-to-medium sized business.
How big is the risk, really?
Well, let’s look at the numbers. According to the 4iQ 2019 Identity Breach Report, there was a 424% increase in cyberattacks against small businesses just from 2017 to 2018.
Verizon’s 2020 Data Breach Investigation Report (DBIR) shows that 43% of data breaches targeted small businesses.
And although a 2017 study from VIPRE Security showed that 66% of SMBs would suffer catastrophic consequences and have to close their doors after a breach, 77% of small firms believe their company is safe from a cyberattack and 83% do not have any security policies in place.
Let’s look first at who is attacking you, then move on to how. Verizon’s 2019 DBIR found that 69% of data breaches were committed by outsiders. Meanwhile, 34% involved internal actors. Of these crimes:
- 52% featured hacking
- 33% included social attacks
- 28% involved malware
- 21% included errors as causal events
- 15% resulted from misuse by authorized users
- 4% involved physical actions
Cybersecurity: mitigating your risk
Now that we’ve established SMBs are not, in fact, immune from cyber threats, how can you boost your cybersecurity efforts? Cybersecurity is the protection of your virtual information from unauthorized use for data integrity, confidentiality, and ultimately to protect you!
Unfortunately, with more employees working from home throughout COVID-19, your business may be at greater risk than usual. However, with the help of a few cybersecurity tips, you can greatly reduce this risk.
Tips while working from home
- Keep all work on a designated work computer – don’t use a shared family computer!
- Keep your system, router, wi-fi, and antivirus all up-to-date.
- Create a secure culture where leadership takes cybersecurity seriously and models the behavior you’d like to see in your employees.
- Use a hard-to-guess password and locking screensaver.
- If possible, consider using a company-wide Password Manager like LastPass for added security.
- Finally, ensure there is a communication plan in place, just in case something happens.
Do you already have a cybersecurity plan in place? If not, that’s okay! The important thing is that you start now.