Cyber-attacks are one of those things we read about but don’t really think about in our daily business lives.
Most of the time the high profile cases are the ones that catch our attention. What we don’t realize is that cyber-attacks are all around us.
I was talking to a client the other day and he said, “I hear about big companies getting attacked but I don’t really worry about it since we are a small shop.” I knew I wasn’t going to be able to convince him that his business was at risk even though the current statistics for small business attacks are overwhelming. So, I just asked him to pay a little closer attention for his safety and told him I would check back with him in a few weeks.
When we met a few weeks later he shared an interesting observation. He said, “You know how when you buy a new car, all of a sudden you notice that there are a lot of them on the road that you never noticed before?” I said yes. He said, “That’s what I noticed about cyber-attacks.” As I started to pay attention I realized that cyber-attacks are happening everywhere. It’s not just the big guys either. It’s small shops everywhere.” I said I know. There has been a big change in cyber-attacks in the last few years. So, I shared some alarming statistics with him.
- Ransom-ware grew 115% in 2015
- 93% of breaches are caused by human error
- 48% of cyber-attacks target small business
- 60% of small biz go out of business 6 months after an attack
- 74% of small businesses reported a security breach last year
- 4% of spear-phishing attacks were directed at small business last year
- Small business suffered losses in excess of $740 Million last year
- 430 million new types of malware flooded the internet ion 2015
- Cyber-attacks on small businesses have increased by 1500% since 2000
- Only 38% of small businesses update software regularly
- 93% of breaches are caused by human error
- Only 22% of small businesses encrypt databases
- 600,000 Facebook accounts are compromised daily
- 68% of funds lost to a cyber-attack are unrecoverable
- It takes an average of 170-200 days to detect a malware attack
What is clear in the cyber security world is that cyber-criminals have shifted strategies. Criminals have figured out that small businesses are vulnerable and ill-prepared to deal with cyber-attacks.Cyber criminals are opportunistic. If they see an opening they will exploit it for profit and move to the next target. That’s what’s happening with small businesses today.
If you own a small business you should be aware that you are at risk for a cyber-attack. It could be a phishing attack, a spear phishing attack, a ransomware attack, or a number of other exploits that could put you out of business. Remember, 60 % of small businesses that are attacked are out of business within six months. That’s a real statistic. 60%!
My client’s security awareness was suddenly important to him. He asked, “So what do we do? How do I protect my company? I have spent 20 years building this business from scratch, the last thing I want is for some thief to take it all away from me because I am unaware and unprotected.” So I asked him a simple question. “What’s your security number?” He said, “I don’t even know what that means!” I said, “I know but no worries I am going to explain it to you.”
The Tek has a security scan available to small businesses that enables you to access your level of risk, identify your security number, and then take steps to mitigate your risk. It’s really simple and a great starting point. The scan identifies all personal identifiable information that is unprotected on your systems and assigns a dollar value to let you know what it might cost you if your security is breached. Once we determine your number we will develop a simple plan to eliminate your risk and secure your systems for the future.
He was on board so we ran a scan on his systems and determined that he had a variety of issues including vulnerable social security numbers, credit card numbers, EIN numbers, Federal ID numbers, and driver’s license numbers. He also had a large number of software patch issues that were out of date. Since the scan assigns dollar amounts to his vulnerabilities, we were able to see that he had over $350,000 dollars in vulnerabilities.
He was a prime target for an attack. Imagine the damage a hacker could do to his business if they stole that information and exposed his customer’s personal data. Needless to say he was shocked. The next question was one I hear all the time. “What the heck do I do?”
I told him not to panic that we had a plan to fix his problem. He said,” I don’t have money in the budget for this kind of thing. I know cyber security is expensive and I am not sure we can afford it.” I said, “Look, first you can’t afford not to do it, and second our plan is designed for small business so it won’t break the bank. You know me I said, “I have been an entrepreneur all my life, so when we designed this plan my idea was to even the playing field for small business when it comes to cyber security. We are going to fix this quickly, simply, and with a small business budget in mind.”
So, we implemented The Tek’s six step plan for comprehensive small business cyber security. We had already run the free data breach risk intelligence scan so Step 1 was complete.
Step 2 is the “Clean State” step. We identify the current risks revealed in the scan and purge the data. We prioritize the data by value and then make choices to eliminate, encrypt, back-up or quarantine the data. This brings us to a clean state.
Step 3 is protection. We install monitoring tools, encryption, and the most advanced artificial intelligence based anti-virus software available. This is the same software the Fortune 500 companies use on their systems.
Once we have you protected the 4th step is to create a set of policies that act as standards and guidelines that help you meet security and compliance requirements.
Since 93% of breaches are caused by human error, step 5 is to implement a training program. Our interactive on-line training is designed to make your employee’s cyber aware. Informed and intelligent employees greatly reduce your risk of an attack. We have even added mock cyber-attacks to the training to make sure your employees receive real world looks at ransomware and spear phishing attacks.
Finally, Step 6 provides cyber breach insurance policies to eliminate financial and legal burdens should the unthinkable occur.
Ignorance is not a reason to risk the loss of your company and livelihood. As a small business owner you provide employment and opportunity for your employees and their families. Cyber criminals and cyber-attacks put everything you have worked so hard for at risk. Awareness is critical. Stay alert and learn about the dangers small business face from cyber criminals. The risks are real and they are growing every day. Take the time to investigate and realize that peace of mind comes with preparedness. A few dollars a month to protect yourself from the loss of your business is the best money you will spend this year.
Call us today for your free Cyber Security Evaluation – 919.582.6212 or fill out our contact us form.
