Posted on July 26, 2017 at 10:45 AM
While big corporations are always investing hundreds of thousands if not millions of dollars on cybersecurity, small businesses aren’t spending nearly enough.
In the CNBC/SurveyMonkey Small Business Survey that was conducted in April, only 2% of the small-business owners said that they treat the possibility of a cyberattack as the most critical issue. The survey included more than two thousand small-business owners across the country in a wide range of industries.
This makes sense in a way when you think about the taxes and the cost of employee healthcare that are the highest-ranked items and are something owners have to think about daily. Despite that, online security experts advise against this approach since the lack of focus makes the businesses more vulnerable.
Hemu Nigam, the founder of SSP Blue, which is an internet security consultant business, says that the approach most small-business owners have is that they don’t have to worry about security breaches because they’re small fish, but that’s exactly why they’re of interest. Nigam says that hackers love small businesses due to the fact they don’t have the resources to secure themselves and aren’t aware of themselves being a target.
They are very wrong since 28 million of small businesses have been breached in the US, as 2016 State of SMB Cybersecurity Report says.
Congress did make some steps towards protecting the small businesses. The Main Street Cybersecurity Act was introduced in March by the Senate that creates voluntary cybersecurity framework for them.
What a hacker wants out of the small business can vary. Some of them attack retail-facing companies so they can access the personal and credit card info of the customers. Many companies in all industries get attacked by a malware that seems to be doing nothing in the beginning but later turns company’s computers to so-called zombie computers that are later used for larger attacks. Security lapses in small businesses are also used as backdoors for entering the systems of larger partner companies. Or, as it has become popular as of lately, hackers will hold data for ransom and make the owners pay for the data to be released.
One of the ways to add a layer of protection is to build your own website instead of hiring a firm to do so. Using a larger email service, such as Gmail or WordPress could also be of help since these have more advanced security systems. But keep in mind that this doesn’t resolve all your security problems.
With several large corporations having their security breached, the same story has a bad ending for smaller businesses. Because the circle of trust is broken, the costs of recovery are often more than small businesses are able to pay.