Being a small business has a lot of benefits, you might:
- Differentiate yourself from the corporate competition by offering a more personal feel.
- Make decisions about the direction of your company without having to get approval from a board.
- Have a high employee retention rate because your team is loyal and knows that you will make decisions with their best interests in mind.
But what about the downside - specifically when it comes to securing your IT infrastructure (if you even have one)?
Many small to mid-sized businesses (SMB) fall into the trap of thinking that because they are small, they are immune from a cyberattack. What would a hacker want with a small business? You’re the “little guy.”
82% of SMB owners don't even THINK they have anything worth stealing, according to a study by Tower Gate Insurance.
But the truth is, being the “little guy” makes you even more of a target than a multi-billion dollar company. You’re the “low hanging fruit” of the business world.
Large businesses have the resources to spend big on security, while the little guys in small business are the unassuming, sitting ducks. In some cases, hackers might even use you to GET to the big guys you might partner with . (Remember the Target security breach? That's what happened.)
In fact, small businesses – which make up more than 97% of total businesses in North America – have a unique role in the cybersecurity ecosystem and overall national security strategies: they can be targeted by cybercriminals as gateways through the supply chain to larger corporations, many of which are in critical infrastructure sectors.
Just because you are small doesn’t mean you’ll be safe. Every business, big and small, is vulnerable to an attack.
Below is a run-down of some of the most prevalent, but easily forgotten, ways your small business can be targeted:
Ransomware - Malicious software blocks all access to your data until a ransom is paid. Read more about ransomware here.
Trojans - Usually in the form of an attachment, a trojan is malicious software that once downloaded gives a hacker full access to your device.
Phone Scams - Scammers pretending to be a remote monitoring service that has detected a virus on your computer so you will buy their software over the phone to remove it. This is similar to toner pirates, by the way (here's how to sink them!)
Phishing Scams - Typically sent via email, these types of attacks are designed to look like they have come from authentic business partners such as banks so that the recipient with click and reveal login credentials.
Point-of-Sale Malware - Special software loaded on credit card machines to capture data from cards swiped.
Keylogging Software - Hardware or software that records every key stroke in an attempt to uncover logins and passwords.
I don't want to overstate the case for security, but it IS a serious risk to your business. While I would take the percentage in the following statistic with a grain of salt, companies DO go out of business after losing access to their business documents or as a result of a security breach. And the sad statistic is that 60% of SMBs who ARE hit with these kinds of cyberattacks were forced to close within 6 months, according to the U.S. National Cyber Security Alliance.
All it takes is one - one download, one click, one phone call, by ONE person on your team.