What The Latest Cyberattacks Mean For Your Small Business Security
Last year Yahoo had a relatively sweet deal on the table from Verizon which would have resulted in being sold for just under $5 billion. Then word got out that around 1 billion Yahoo user accounts were hacked.
To make matters worse, Yahoo is facing a US Securities and Exchange Committee (SEC) probe to determine if the company appropriately disclosed information about the data breach and it’s being suggested that if you still have a Yahoo account you ditch it. And, while the deal with Verizon is finally going through, it’s for $350 million less.
In short, these security breaches have cost Yahoo dearly.
Here’s the thing, though. Yahoo still was able to get acquired by Verizon. And, there’s optimism that Verizon is going to turn things by devoting the proper resources to keeping Yahoo secure. That, unfortunately, is not a luxury that small businesses have.
Unlike larger companies, small businesses are undercapitalized and naive when it comes to cybersecurity. Despite the fact that 1 in 2 businesses surveyed by the National Small Business Association in 2014 reported being victims of cyber attacks, an incredible 77% of SMB owners believe that their companies are safe from cyber security breaches.
“Small businesses don’t believe they’re targeted by bad guys,” said Larry Ponemon, chairman of the research think tank. “But small businesses are now targets since big companies have the resources for security.”
However, mutating viruses and malicious programs like Locky and CryptoLocker are becoming a more prevalent threat for small businesses. In fact, 43% of cyberattacks now target small businesses. In 2011, that figure was only at 18%.
While cyberattacks are on the rise, what does that mean for your small business and it’s security?
The Consequences of Cyberattacks For Small Businesses
Let’s first briefly explain the effects that cyberattacks can have on your business.
- Damage to your reputation. Cyberattacks make customers hesitant to either share information or use their credit card cards at your business. It could take months to prove that you’re business is safe and secure, which means that you’re missing out on leads and sales while repairing your reputation.
- Loss of business. Sure. reputation can impact your bottom line, but you’re also losing business because all of your electronic operations will have to be shut-down until the threat is no longer persistent.
- Loss of company assets. What happens when an attack steals proprietary information, such as customer and employee information, product designs, and business strategies? It’s gone. And, don’t expect your bank to cover any losses due to stolen bank account numbers and passwords.
- Litigation. If you don’t exercise your due diligence, like being PCI compliant and properly verifying transactions, you could be be sued by customers or forced to pay fines like chargeback fees.
- It’s expensive. A single attack, back in 2013, could directly cost a small business $9,000. Deloitte found that these direct costs are less significant than the “hidden” costs of an attack, such as insurance premium raises, operational disruption, and lost value of customer relationships.
- Could mean the end of your business. According to the National Cyber Security Alliance, 60% of SMB cybercrime victims go out of business within 6 months of an attack.
Protecting Your Small Business Needs Is a Priority
The worst mistake that you can make as a small business owner when it comes to online security is to be unprepared and inactive. It’s imperative that you invest in keeping your business secure by:
- Purchasing anti-virus software from reputable companies like Symantec, Kaspersky, McAfee, AVG, and Avira. Also consider investing in a firewall, tools that detect malware, and monitoring tools like Stealthbits so that you disable any threats before an attack occurs.
- Educating and training your employees so that they never click on unsolicited email attachments or embedded email links; never share sensitive data with anyone; and instituting a Bring Your Own Device (BYOD) policy.
- Being aware of the most common online scams and staying up-to-date on the latest hacks. Sites like The Hacker News and Hackmageddon are great resources to start.
- Investing in cloud storage, but also limiting the amount of data that you have stored in the cloud.
- Encrypting all of you data through tools like VeraCrypt, 7Zip, and AxCrypt.
- Creating secure passwords and requiring comprehensive authorization like two-factor authentication and biometrics.
- Verifying each and every transaction by requiring customers to enter their security code or CVV number, making sure there’s an address verification (AVS) match, and monitoring purchasing patterns.
Remember, cyberattacks for small businesses are rising. Don’t take a chance and wait until it’s too late. Be proactive and make security a priority so that you can avoid any potential downfalls, like bad PR and loss of revenue.