SMBs are Spending More on Cybersecurity. Is It Enough?
There are a lot of threats out on the Internet, and the good news is that many of them have absolutely no chance to threaten your business. The problem is that it only takes one to really put your business at a major disadvantage. One threat is all it takes to lock down your files and hold them for ransom. One threat is all it takes to corrupt your databases. One threat, if it got bad enough, could conceivably end your business.
Technology professionals that hold decision-making positions at large companies all understand the risk. The problem for many small and medium-sized businesses is that they don’t think that their business is big enough, or technologically-sophisticated enough, to warrant substantial spending on cybersecurity. That’s not to say they don’t consider it a risk, but when they weigh them against other operational risks, they tend to overlook cybersecurity at their business’ peril. Let’s take a look at some statistics that can give you a good idea about what cybersecurity can mean for an SMB.
SMB Cybersecurity Statistics
Statistics taken in context can give people a pretty good idea about what to consider, especially when what they're considering is risk. Here is one that will surprise most people:
The average cost to a small business from a cyberattack that is mistakenly initiated by an employee, partner, vendor, or someone else associated with the company is over $7.5 million per incident for companies with under 500 employees. There aren’t many companies out there that could just throw away $7.5 million, not to mention do irreparable harm to their reputation.
Over two-of-every-five small businesses don’t have any type of cybersecurity plans in place. It’s true. A study by BullGuard conducted in 2020 found that 43 percent of small businesses are playing fast and loose with their data, and that of their customers, partners, and vendors. Another 29 percent of SMBs spend less than $1,000.
Nearly one-out-of-every-five small businesses experience some form of cyberattack every year. Just because your business is small doesn’t mean it is invisible (at least you hope not, right?) You want people to find out about your business? Chances are that scammers already have. Not having a cybersecurity plan is like keeping only a screen door on the front of your building.
What Do You Spend Your Cybersecurity Budget On?
With those statistics in mind, it is essential that if you make technology decisions for your company that you need to come up with a plan that will help it avoid dealing with a data breach, a malware attack, or any other negative scenario that could happen as a result of getting hacked. Let’s look at three strategies that any business can use to improve their cybersecurity:
Invest in Employee Training
The majority of today’s cybersecurity problems have at least a little to do with your employees. Phishing attacks are the most utilized hacks and they require someone from your organization taking steps to provide access. You need to train your employees how to identify and report suspicious emails, calls, and instant messages; and, how to utilize company technology without exposing data and other digital assets.
Vet Your Vendors and Partners
Another common problem occurs when you utilize a service or have agreements with a third-party company or vendor. If that organization gets hacked, it could have an immediate effect on your business. Many of today’s small businesses utilize cost-effective cloud solutions that may not be secure enough in their own right. If you are going to utilize hosted solutions to run your business, you should consider hosting them with reputable vendors. CASS Tech can help you make the right choice.
Keep Your Network Managed
The best thing any company can do is just to deploy tools to secure their network and to keep those tools managed and maintained consistently. Here are a few suggestions:
- Keep all network-attached devices patched and up to date.
- Use automation to verify configurations, and to detect unauthorized changes that happen on your network
- Utilize two-factor authentication on all applicable software and encryption where possible.
There are many more solutions to the cybersecurity problem, but it is a strategy that has to be consistently utilized because it only takes one instance to really cost your business.
If you would like to talk to one of our IT professionals about cybersecurity or any other technology issue, give us a call today at (248) 538-7374.