Many small to medium-sized business (SMB) owners assume that cyberattacks only happen to bigger companies. But many cybercriminals view SMBs as easy targets\u2014and may try to test their scams on susceptible mom-and-pop shops before scaling them up to larger targets.<\/p>\n
According to the 2022 Verizon Data Breach Investigations Report, small to medium-sized businesses accounted for nearly half of the 23,896 security incidents and 5,212 confirmed data breaches documented in the report. Nearly all of those breaches came via system intrusion\u2014breaking into computers, laptops, or servers\u2014or social engineering\u2014tricking users into sharing credentials or critical financial information.<\/p>\n
Ransomware was the main tactic used in 25% of those 2021 breaches, nearly doubling since 2020. Unsurprisingly, 100% of the motivation for such breaches was financial: hackers trying to strong-arm companies into paying a ransom for the return of their stolen data.<\/p>\n
What Do These Numbers Mean?<\/strong><\/p>\n Maybe you\u2019re thinking, \u201cIt\u2019ll never happen to me.\u201d Maybe you\u2019re running through scenarios for how you\u2019ll respond. Those two camps are nearly evenly represented by the results of another report, the CNBC | Momentive Q3 Small Business Survey.<\/p>\n Conducted last year with nearly 2,000 SMB participants, the report revealed that 56% were not concerned about falling victim to a hack\u2014while 42% said they were concerned. Shockingly, an equal portion of the survey sample, 42%, said they had no plan in place to respond to a cyberattack. Another 11% said they weren\u2019t sure if a plan was in place, and just 28% said their business did have a plan in place.<\/p>\n Considering that cybercriminals are becoming increasingly sophisticated in their attacks, those contradictory numbers are scary. Today\u2019s ransomware infections can worm their way into the farthest reaches of a company\u2019s system in mere minutes, encrypting years of data with one illicit click and bringing day-to-day operations to an immediate halt.<\/p>\n It might sound scary to consider, but most cybersecurity experts assume a \u201cnot if but when\u201d approach to system intrusions and online attacks. Gone are the days when you could ignore the threat of data breaches, password compromises, financial schemes, and email-based infections. Doing so today is tantamount to leaving your office without locking the front door\u2014then leaving your house and car unlocked, too, so that thieves can have their way with all of your possessions.<\/p>\n You Can Protect Yourself<\/strong><\/p>\n The 2022 Verizon Data Breach Investigations Report includes several straightforward strategies for SMBs to avoid becoming a target:<\/p>\n Use two-factor (2FA) or multi-factor authentication (MFA) 1) Provide cybersecurity training that addresses specific threat vectors.<\/strong>\u00a0Many of the most common cybersecurity problems occur due to human error: clicking on a malicious web link, accidentally opening an infected attachment, or providing confidential information to a hacker posing as a co-worker or executive. Targeted employee training that\u2019s updated regularly to address evolving cyber tactics can keep your employees informed enough to serve as the first line of cybersecurity defense. That includes identifying phishing or social engineering attempts as soon as they arrive, flagging or reporting junk emails, and alerting IT staff to older computers or suspicious online activity.<\/p>\n 2) Implement reliable, remote, and redundant data backup.<\/strong>\u00a0Without this key IT service in your toolbox, your business could be at significant risk. Many of the most egregious cyberattacks are successful simply because companies don\u2019t have access to extra copies of relevant data and feel they must make a desperate payment of thousands of dollars of ransom to retrieve stolen or encrypted information. With reliable backups executed regularly and stored remotely, your company can survive anything: malicious attacks, hardware failure, and even natural disasters. The investment is worth it, too, as only one or two days of significant data downtime can negatively impact your company\u2019s bottom line.<\/p>\n 3) Extend protection to all mobile devices used by employees.<\/strong>\u00a0With remote work increasingly common and everything from laptops to tablets to smartphones to hard drives being used at home and on the road, more and more devices are at risk of cyberattack. Hackers will often target a company\u2019s least-protected machine and try to attack that first, exploiting any vulnerability to gain a foothold in an overall IT system. As a business owner or manager, you\u2019re responsible for extending extra layers of IT security to those devices, protecting company data no matter where it resides, and continually scanning for vulnerabilities that can occur with something as simple as a public Wi-Fi connection.<\/p>\n 4) Partner with an IT support staff that understands your business.<\/strong>\u00a0A part-time employee who handles computer issues in his or her free time probably won\u2019t be able to stop a sophisticated ransomware attack. As threats evolve and online dangers increase, your business deserves dedicated IT support that addresses short-term cybersecurity needs while developing a long-term strategy for business success. All of the tips outlined above work best when integrated into an overall plan for comprehensive protection that\u2019s managed and executed by a trusted IT provider.<\/p>\n At CMIT Solutions, we work to keep you, your employees, and your devices safe\u201424\/7\/365. We\u2019re proud to serve as a trusted partner to thousands of clients across North America, defending their data, strengthening their systems, and empowering computer users to be smart, safe, and more efficient. If you\u2019re more interested in increasing revenue than worrying about ransomware attacks,\u00a0contact CMIT Solutions today<\/span><\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Not Worried About Online Threats? It\u2019s Time to Reconsider Many small to…<\/p>\n","protected":false},"author":77,"featured_media":4972,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-4840","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-quick-tips"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/posts\/4840","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/users\/77"}],"replies":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/comments?post=4840"}],"version-history":[{"count":0,"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/posts\/4840\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/media\/4972"}],"wp:attachment":[{"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/media?parent=4840"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/categories?post=4840"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cmitsolutions.com\/clearlake-tx-1106\/wp-json\/wp\/v2\/tags?post=4840"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nDo not reuse or share passwords
\nUse a password keeper\/generator app
\nChange the default credentials of hardware\/software
\nInstall software updates promptly so that vulnerabilities can be patched
\nEnsure that built-in cybersecurity protections are turned on for user devices such as laptops and desktops
\nUse antivirus software for all your devices
\nDo not click on anything in an unsolicited email or text message
\nMake sure the computer used for financial transactions is not used for other purposes such as social media or email
\nUse email services that incorporate phishing defenses and use a web browser that warns you when a website may be spoofed
\nBeyond these tips, CMIT Solutions recommends the following four strategies to minimize the threat your business might face from phishing, ransomware infections, and other cyber attacks:<\/p>\n