Experts have been warning small business owners about cybersecurity threats like viruses, ransomware, and phishing for years. Despite their warnings, many SMBs still believe they are too small to target, and they don’t take cybersecurity nearly as seriously as they should.
SMBs Underestimate Cybersecurity as a Business Risk
The last few years have been tough for small businesses, and it seems that as soon one storm passes, another appears on the horizon. When faced with endless difficult challenges, small business owners have to prioritize where to allot their limited resources.
The latest CNBC Surveymonkey Small Business Survey has revealed that only 5 percent of SMBs see cybersecurity as the biggest risk to their business, with only 9 percent being very concerned that they will encounter a cyber attack within the next 12 months.
Instead, SMBs are concerned primarily with inflation, supply chain disruptions, labor shortage, and the COVID-19 pandemic—problems that have an ongoing negative impact on their ability to meet financial goals.
What the same SMBs often don’t realize when prioritizing their immediate financial survival is how much a single cybersecurity incident can affect it. In 2021, international specialist insurer Hiscox surveyed 590 US small businesses for its Hiscox Cyber Readiness Report and discovered that the average cost of cyber attacks was $25,612.
That’s enough money to put a serious dent in most company budgets, and we also shouldn’t forget about the reputational damage a business can incur from the disclosure of a cybersecurity incident.
Cybercriminals know that even small networks hide troves of valuable data, and they also know that many SMBs don’t take cybersecurity nearly as seriously as they should. That’s why cyber attacks against SMBs have increased at a rate of 150 percent in the past two years, according to a report released by Coro.
Small Cybersecurity Investments Can Save Big Money
To prevent costly data breaches, you don’t have to spend large amounts of money on cybersecurity. Just like a healthy lifestyle doesn’t have to be expensive if you know which foods are the most nutritious, a healthy cybersecurity posture can be achieved with a few smart investments.
To make the most out of their limited IT budgets, SMBs should focus on cybersecurity defenses that deliver the biggest bang for the buck.
For example, multi-factor authentication, which only 33 percent of SMBs that participated in the CNBC Surveymonkey Small Business Survey had enabled, can single-handedly block over 99.9 percent of account compromise attacks.
Automatic software updates (again, enabled by 33 percent of SMBs) effectively protect against attacks that exploit unpatched vulnerabilities to gain access to protected resources. Such attacks are responsible for one in three data breaches.
Just 15 percent of surveyed SMBs had spent money on cybersecurity awareness training even though employee training is the best protection against phishing attacks, which play a role in more than 80 percent of reported security incidents.
Every other small business doesn’t back up files on an external hard drive even though backups play an essential role in the recovery from ransomware and other attacks—not to mention hardware-related issues and natural disasters.
These and other cybersecurity defenses don’t require much time and money to implement, but they can together stop most cyber threats before they can cause any damage.
It’s Time to Start Taking Cybersecurity More Seriously
Sooner or later, every business will experience a cyber attack, but some will be better prepared for it than others.
A 2020 study by cybersecurity computer software company BullGuard revealed that 43 percent of SMB owners have no cybersecurity defense plan in place at all.
If your own cybersecurity plan is non-existent, then you need to create one. And if your plan is patchy, then the time to strengthen by implementing the above-described defenses is now.
At Aligned Technology Solutions, we understand how difficult it can be for SMBs to give cybersecurity the priority it deserves and requires while also addressing all other existential threats. We are ready to support your business by providing cost-effective managed IT services supported by local IT service professionals who understand today’s challenges.