The threat to the cybersecurity of companies is steadily growing. By comparing the number of incidents in the Q1 in 2017 and Q1 in 2018, Positive Technologies reported that the number of incidents increased by 32%. It also cited a general growth in other cybersecurity trends. This pertains to companies across the board—from small companies to corporations and conglomerates. While large companies have the resources to fend off cyber threats, small and medium businesses (SMB) are often unprepared. They think small entities like themselves do not need to invest in cybersecurity and see protecting themselves online as an onerous task, however, recent trends in cybersecurity for small business suggest otherwise.
A Precarious State for Cybersecurity for Small Business
According to the report, hackers have an increased interest in obtaining account credentials and personal information. Data theft in 2018 was 13% higher than in 2017.
The greatest increase, however, was in malware attacks—up by 75% since the first quarter of 2017. Malware is the also the method of choice for hackers.
In five out of six malware attacks, the targets are individuals. They are not always familiar with the dangers of online threats, and so they fall victim to phishing and other attacks. SMBs lack sophistication around security, making them an easy and lucrative target for cybercriminals. Therefore, with less investment in cybersecurity, and even less knowledge on protecting themselves, they are constantly at risk.
Receptive vs. Reactive
When SMBs experience any kind of cyber attack, they try to adopt a “business as usual” attitude towards the problem. They know they can’t stop operations or put a pause on the business to address the infection and get rid of the consequences of the attack. By the time they formulate a plan to deal with an attack, they have been fully breached.
The method is problematic because it is extremely costly. The average cost to address a breach is $141 per record, according to the 2017 Ponemon Institute Study. This covers investigation, PR remediation, and legal fees, and IT concerns. Therefore, a small data breach of 1000 records would amount to $141,000. SMBs do not always have this much disposable money to address this concern. The problem could have been avoided if they had taken basic measures to thwart cyber attacks.
CyberSecurity Trends: A Layered Defense
Experts suggest having a more proactive stance. SMBs need to use a layered security strategy that can detect and stop suspicious activities at each phase of the attack. This increases the chance that malware is stopped early in the process, but includes additional defense systems should the attacks bypass those early defenses.
1. Patch the Bugs
Software bugs (vulnerabilities) have the power to make your devices susceptible to breach. The software can regress or stop working, and this creates an opportunity for hackers to enter your system. Always update and completely patch your operating systems and apps to plug any potential cracks in the system. End-of-life devices, those that manufacturers no longer create updates for, are easy targets. Consider replacing old devices so you can maintain strong security within your systems.
2. Neutralize Threats
If an attacker does find a way into your system, you need provisions that can stop the attack before there are any malicious consequences. Installing endpoint protection and an antivirus software are basic requirements for cybersecurity. These will tell you that there is a threat and often eliminate it.
3. Environment Protection
Attacks cannot prosper without logging on to systems that contain important data. Make sure to log in to your accounts using complex usernames and alphanumeric passwords, and log out or lock it when you leave the platform even if only for a moment. Trust the indicators of your accounts when creating new passwords, so you have a more solid shield against various online threats.
4. Data Protection
Making backing up files a habit, even better yet, automate it. Store some files in the cloud or on a different hard drive to make sure that you won’t have to completely start from scratch when the worst happens.
Train every one of your employees on Cybersecurity. Ensure each of them is aware they are a significant part of the SMB defense strategy and that they know how to recognize a Social Engineering attack. This will benefit the employee at work and in their personal lives.
Even though SMBs do not have the same IT capabilities as larger companies, this does not make their data any less important. Any kind of breach is disruptive no matter the size of the company. SMBs need to build an effective defense that makes sense for the size of their company and the kind of data they need to protect.
1. Simple administration
Security solutions should be simple, intuitive, and easy to implement. SMBs don’t have IT teams so they must do these things by themselves, in ways that are supportable for them.
2. Comprehensive solution
Adopt a system that not only offers information but one that also intelligently and automatically makes decisions when breaches are detected.
3. Cost-effective investment
Security packages do not have to be expensive to be effective. Cybersecurity companies for small business should take the time to find out which security features are critical to their operations, and implement systems that are relevant to them.
4. Non-disruptive to operations
Good IT systems do not interrupt productivity. Ongoing security should be behind the scenes, protecting the environment and users.
Small- and medium-sized businesses must never neglect the importance of staying on top of their security defense. It is just one more step they have to make to ensure that their businesses are in top shape. SMBs must always keep track of cybersecurity trends to understand current threats and what can be done to prevent them, or in the worst case remediate them and keep operations running smoothly and safely.