December and January were dark days for data security. Just before Christmas, Target announced that credit and debit card info from over 40 million customers had been hacked over a three-week period of holiday shopping.
On December 28th, German researchers revealed how cybercriminals had taken advantage of Windows XP security lapses to infect European ATMs with malware.
And on January 1st, online messaging service Snapchat alerted over 4.5 millions that their usernames and phone numbers had been posted online in an apparent attempt to expose the company’s data vulnerabilities.
What do these three stories have in common? They highlight the fact that anyone — major retailers, online entities, small businesses, brick-and-mortar shoppers, Internet users — can be affected by a data breach.
In a recent Inc. Magazine article, statistics from security firm Symantec estimated that cyberattacks on small businesses rose 300% in 2012. And Jeremy Grant, an adviser at the Department of Commerce’s National Institute of Standards and Technology, said his agency had seen “a relatively sharp increase in hackers and adversaries targeting small businesses.”
Here’s why small and medium-sized businesses (SMBs) are receiving more attention from cybercriminals — and what you can do to avoid it:
• Small businesses tend to have weaker security and data encryption measures. Traditionally, major cyberattacks are directed at major companies. But as IT departments at those businesses are increasingly focused on foiling potential hacks, criminals have shifted their focus to more susceptible smaller organizations. Many companies feel they can’t afford to splurge on IT solutions. But the average annual cost of a cyberattack on an SMB is $188,242 — far more than the average data security investment.
• To a hacker, every employee and workstation represents a possible entry point. Beyond tech measures, the biggest data security investment you can make is in your people. Employees should do more than just create stronger passwords — they should know how to identify and handle an unsafe email attachment, they should know how to assess and manually re-enter external links, and they should be empowered to think about how their online actions can affect their employer.
• Malware, phishing attacks, and social engineering tactics are on the rise. In 2013, targeted malware attacks against small businesses increased 8%, with an average loss of $92,000, while social media-based phishing attacks increased 125%. As for social engineering, the act of using sensitive information to impersonate a user and gain access to data? Nearly 30% of all security breaches involve some form of this 21st-century tactic — and the average loss is $25,000 to $100,000.
• The safest (and cheapest) way to bounce back from a security breach is with remote backup and disaster recovery. If data is compromised, bouncing back isn’t easy — and can often be impossible. But with a trusted backup solution and disaster recovery plan like CMIT Guardian, even the worst cyberattack can’t bring your company to its knees.
We understand the critical need for data security — and we’ve seen businesses affected by breaches and hacks suffer devastating consequences that could have been avoided. Call or email CMIT Solutions today to find out how encryption, backup, disaster recovery, and proactive monitoring services can keep your company safe from such threats.