Like it or not, human beings are our own worst enemies online, inviting hackers, viruses, data breaches, data loss, etc., through the seemingly innocent actions taken every day online.
In most cases, this is done without malicious intent – but if you as a manager or owner aren’t monitoring what websites your employees are visiting, what files they’re sending and receiving, and even what they’re posting in company e-mail, you could be opening yourself up to a world of hurt.
That’s because your employees’ actions can subject your business to monetary loss, civil lawsuits, data theft and even criminal charges if they involve disclosure of confidential company information, client personal information, transmission of pornography or exposure to malicious code.
So, I know what you’re going to say - you’re going to tell me you own a small business, and hackers aren’t interested in you, right!
Here are some stats that just might open your eyes a bit:
The Keeper Security/Ponemon Institute’s report shows the number of small businesses reporting negligent employees and contractors as the cause of data breaches increased to 60% in 2018 — whereas external threats (hackers) were reported as 37% of the causes.
The report also shows that some small businesses think that their organizations are too small to be attractive targets for cybercriminals. However, if you’ve read virtually any recent cyber security reports or literature, you’d know that no company is “too small” or “too large”
The cyber security firm 4iQ states in its 2019 Identity Breach Report that cybercriminals targeted small businesses with cyber-attacks at an inordinate rate in 2018 — up nearly 425% over the previous year.
Symantec’s 2019 Internet Security Threat Report shows that employees of smaller organizations were more likely to be hit by email threats such as spam, phishing, and email malware than those who work at large organizations.
Continuum’s 2019 small business cyber security report shares that nearly two-thirds of small businesses say they don’t have the employees to handle cyber security functions, and a majority report that they don’t have any cyber security experts on their staff.
A survey by the Better Business Bureau (BBB) indicates that 55% of small businesses cite resources and knowledge as the greatest challenges for developing a cyber security plan.
Continuum also reports in its State of SMB Cyber Security 2019 report that nearly 80% of small businesses believe they will have to outsource their cybersecurity in the near future in order to keep up with the threats.
Small businesses invest less than $500 per year in cyber security protection. This devastatingly low number is the average amount that Juniper Research’s 2018 study says that small businesses spend on “consumer-grade” cyber security products each year. Considering that SMBs represent only 13% of the cyber security market spend, it’s no surprise that small businesses make such an attractive target to cyber crooks.
Did you know that the average cost of cyber attacks that result from compromised employee passwords is over $383,000? This is one of the findings of the Keeper Security/Ponemon Institute report.
Nationwide Insurance reports that more than two-thirds of small business owners don’t have a disaster recovery (DR) plan in place. The report also shows that 71% of small business owners choose not to buy business interruption insurance.
At the very least, you should configure your firewall to document and monitor which websites users are visiting. Almost all business grade firewalls have this ability built in; you simply need to configure it and monitor the reports (something we can certainly help you with).
But it’s up to you to set the rules, write the rules into an Acceptable Use Policy (AUP), provide security awareness training and then TRAIN yourself and your employees on what is and isn’t acceptable and then make them sign the AUP.
It’s time to take cyber security seriously, and HBBTech is here to help. We developed our cyber security solution in 2014 and not one of our clients has suffered a successful cyber attack over the last 6 years.
If you’re not sure how to move forward, give us a call at (636) 542-8653 today, or take your chances with the cyber crooks, and the fines, civil suits, reputation damage, downtime and everything else associated with a data breach.
That’s it for Tip #19
Next week’s Tip will be:
“If You’ve Ever Said This, You’re ASKING To Be Hacked!”
Remember – It ain’t poisonal... it's jus bidness. ‘Til next time
