If you are a small business owner, you may be under the mistaken impression that cyber security is only for larger enterprises. You might be thinking, why would a hacker want to attack my little business, when there are larger enterprises with more money and data to steal? The reality is that small businesses like yours are attacked all the time, they just don’t generate the same headlines as an attack on Target or Equifax. Unlike Target, 60% of small businesses will permanently close 6 months after a data breach. Below are the 6 big cyber security risks putting small companies out of business, along with tips on how you can minimize that risk.
1. Hackers Prey on Weaker Targets
Similar to schoolyard bullies, hackers will prey on what they consider to be easy, weak targets. Often, SMB are not prepared to deal with common malware attacks. Hackers know that and will focus their attacks on SMBs, as it is much easier than trying to attack a large enterprise that has the budget to spend on staff and software.
2. Island Hopping
No, island hopping has nothing to do with going on a vacation. It’s a term used to describe how hackers target smaller companies as a means to attack larger companies. The hope is that the smaller company will have vulnerabilities a hacker can exploit to the break into a larger organization that the y work with. If you are wondering why the hacker wouldn’t just attack the larger company, the reality is, it will cost a hacker more money and time to get through the larger enterprise’s defenses first. It is much more cost effective to target a weaker partner firm and try to gain access that way.
3. Not Patching Systems on a Regular Basis
Many SMBs often don’t have the resources to patch systems on a regular basis, which can leave some serious security holes in their systems. Hackers are counting on SMBs leaving some of these known vulnerabilities unpatched and will exploit them to gain entry into your network. The Equifax hack a few years was the result of an unpatched vulnerability that was exploited. Truthfully, even large companies are vulnerable to this type of threat. A regular patch schedule will help ensure that vulnerabilities sit open for too long.
4. Spear Phishing
Phishing is a common tactic for lifting passwords, security codes, and other sensitive data. It has also been an effective method of installing malware and ransomware onto personal devices and company systems. While we hope most people have become aware of such scams, the hackers are also becoming smarter, and are using more targeted Spear Phishing campaigns to steal information or money from SMBs. With spear phishing, the hackers will often make the emails more personal, and look like they are coming from someone within your organization that you trust.
5. Use of Unsupported Software
Many SMBs, particularly smaller law firms, continue top use old software which may no longer be supported with regular security updates. While you may think there is no harm in continuing to use Windows XP, after all it still works, go back up to point 3. Having systems that aren’t patched regularly, or that are no longer supported, could provide a hacker with access to systems.
6. Lack of Cyber Security Expertise
A lack of cyber security resources is a big problem for many organizations, but for SMBs, the problem is huge. There simply are not enough skilled cyber security people to go around. A securitymagazine.com article states that in the U.S. , it is estimated there will be 3.5 million unfilled cyber security jobs by 2021. One of the ways around a challenge like this is for SMBs like yours to hire an MSSP (Managed Security Services Provider). An MSSP Can be retained to do all the highly skilled cyber security work while you focus on running your business.
These are just some of the risks that could potentially put a small business like yours out of business. If any of these 6 things are keeping you awake at night, trust Uzado to take care of your cyber security needs.