Annual statistics from the computer security industry warn that cyber criminals are targeting small businesses at an alarming rate. In fact, cyber attacks on businesses with fewer than 250 employees accounted for 31% of all reported attacks in 2012, compared with 18% in 2011. Across companies of all sizes, instances of cybercrime increased 42% in 2012, and the related costs rose 6%.1
Many small companies don’t have the funds to invest in large IT departments and sophisticated security strategies. Unfortunately, the expenses involved in recovering from a cyber attack could be insurmountable; nearly 60% of small businesses that are victimized by a cybercrime close within six months.2
Given the risks, it might be safer to assume that your business could be a potential target for cybercrime and prepare accordingly.
Bracing for Threats
A data breach occurs when outsiders gain access to the personally identifiable information of customers or other individuals, opening the door for identity theft and other financial crimes. Ransomware is a menacing scam that involves locking businesses out of their computers and demanding payment of a ransom in exchange for the return of company systems and data. A more recent tactic known as a waterhole compromises a small business’s website and uses it to access the databases of larger companies with which it conducts business.
The Federal Communications Commission offers the following cybersecurity tips for small businesses.
- Install and update antivirus and antispyware software on every computer, and maintain firewalls between the internal network and the Internet.
- If you have a Wi-Fi network, set it up so the network name is hidden and a secure password is required for access. Require all passwords to be changed on a regular basis.
- Lock up computers, laptops, and tablets to prevent them from falling into the wrong hands.
- Train employees in security practices and set up a separate account for each user. Provide access only to the data needed for users to perform their jobs.
Business owners should be aware that the company may be held liable if customers’ private information is disclosed. Internet liability insurance may offer firms some protection from the financial risks associated with computer hacking, spam, viruses, and other online perils (up to policy limits).
1) Symantec Corporation, 2013
2) FoxBusiness.com, March 23, 2013