Small and mid-sized businesses (SMBs) make up a very large portion of the businesses that exist in the US. According to Census data, around 99% are in the SMB category. And if you think about your daily life and how you interact with businesses throughout the day, you may find that trend to be true in your own life as well. But who is aware of Cyber Security for SMB.
Unfortunately, these SMBs have a target on their back. Hackers have increasingly been focused on SMBs for their schemes and plots, and it is costing SMBs millions. That isn’t an exaggeration either. The average cost of an attack is around $3 million! It’s a staggering number that includes ransom amounts, system outages and disruption, and downtime. Around 40% of SMBs that experienced a breach indicated that their downtime was 8 hours or more.
Shocking statistics, aren’t they? But, because we care about SMBs, and feel the exact opposite about hackers, we think it is important to share a few more stats with you. Not to place you in a state of panic, but rather to provide information and prep you to beat hackers at their own game!
IT Security Stats and Details SMBs Should Be Aware Of
- The majority of data breaches, 58%, happen to small businesses.
- Malware, the most common approach for hackers, is typically delivered via email (4% of the time).
- Often times, the malware comes in the form of Office attachments like Word, Excel, and PowerPoint. These types of files are not always blocked by email filters.
- What’s worse is that hackers have figured out a way to attach Malware and reply to emails making it look like the attachment is part of the conversation that you are having with an important colleague, vendor or customer.
- Within the past 12 months, two-thirds of SMBs have suffered a cyberattack.
- Remote Desktop Protocols (RDP) have also been leveraged as an access point. Hackers have figured out how to disable security software and destroy backups through RDPs.
- SMBs are also experiencing attacks even if they have antivirus software. 82% of those attacked indicates that malware was able to get through their AV software.
- A small percentage, 38%, of SMBs regularly update their security software.
- Cybersecurity breaches occur many times a day…on average, every 39 seconds.
- Around 60% of SMBs go out of business within 6 months of an attack.
Alright, we get it, that was a big scoop of doom and gloom. Sometimes, people need those cold hard facts in order to make changes. Positive changes that can help your business, and the employees of your business. So, let’s take a look at what can be done.
Stop IT Security Threats Before They Start
You’ve probably heard the phrase, an ounce of prevention is worth a pound of cure, right? Couldn’t be truer in this situation. As an SMB, your focus should be on preventing a cybersecurity attack. Prevention will not only give you peace of mind, but it is also far less expensive than dealing with the aftermath of an attack (remember that $3 million stat?). So, let’s focus on prevention!
Let’s start with your employees. Your employees can help you in your focus on prevention, but they need to be informed and trained. Train your employees to be suspicious of attachments that they weren’t expecting, even if it comes from a “reputable” source. If they weren’t expecting the attachment, it is okay to say something to leadership, or the internal IT resource.
Keep your employees informed of your IT processes and procedures. And share information about current malware threats. Not to scare them, but rather to empower them to stay alert.
Beyond your employees, there are other tasks that are extremely important. Security, and software, updates, and patches, for example, are important. These should not be put on the “when I get to it” list. These updates are a vital step in preventing cyberattacks and should be made a priority.
Invest in, and enable anti-malware protection. Yes, this is an investment, but it is a good investment. Think of it as a protection plan that could save your company from millions of dollars of loss. When you think about it that way, the upfront cost doesn’t seem so bad.
How to Stay Informed
Stay informed by reading IT articles and tips. Visit relevant blogs, attend cybersecurity learning events, or simply Google “current IT security threats”. Knowing the current trends will help you stay alert, and help you keep employees informed as well.
Ensure you have IT, and cybersecurity, support. Often times, SMBs think a cyberattack will not happen to them, so they do not invest in IT support. Based on the stats above, that’s not true. Make IT support and security a priority by hiring an internal team, outsourcing to an IT consulting firm, or a combination of the two. The investment is beyond worth it!
Cybersecurity learning and networking events, like the event Intivix is hosting, are low-risk opportunities to learn more about cybersecurity threats, and best practices and technologies that could be a benefit to your business. The Intivix Cybersecurity Event features thought leaders in the cybersecurity industry ready to share insights and information to help you prevent attacks. The event takes place September 19th at Morton’s Steakhouse. Visit our event page for more information, and to register.