We’ve all seen the headlines of large companies like Facebook, LinkedIn, and Equifax falling victim to a data breach. However, it’s small organizations that are really in danger when it comes to being targeted for cyber-attacks. Hackers like to target small organizations because they often don’t have the infrastructure, or employees don’t have the knowledge necessary to prevent attacks. In 2018, small businesses accounted for 58% of data breaches and 67% of cyber-attacks.
We’ve also seen the price tags that come along with those large data breaches. After last year’s Facebook breach of 50 million accounts, the company was looking at owing over $1 billion just in fines. When you consider the cost of damage or theft of IT assets and company data, and the cost of disrupted operations, cyber-attacks can be financially devastating. In 2018, it cost small businesses an average of $3 million to recover from an incident.
So, what can you do to prevent a cyber-attack? I could write a series of books and still not fully answer that question, but the best advice I can give is to prioritize a budget for your organization’s cybersecurity. Unfortunately, even if you’re currently compliant with security standards, you’re already falling behind. It’s no longer enough to have an updated operating system and an antivirus on every computer. While those are still important, there are just too many ways for hackers to get into a network.
On average, it takes 196 days just to identify a data breach. It’s cheaper to invest in your company’s cybersecurity now before you have an incident, rather than finding someone to come to the rescue after a breach has been discovered. With the constant evolution of cyber-attacks, having a security officer on staff with the proper skill sets and resources to continue keeping your company one step ahead is essential.
It’s also worth investing in companywide cybersecurity training. Your biggest security threat isn’t an evil hacker, it’s your employees. 92.4% of malware is delivered by email, which leads to negligent employees and contractors being the number one cause of data breaches. (YIKES!) By educating employees on cybersecurity best practices, you will help them make smarter choices both on their personal accounts and their business accounts, which will reduce your risk of attack drastically.
Here at Foundant, everyone receives a fun security video on a different topic each month. It only takes a few minutes to watch, it’s entertaining, and then we answer a question at the end to be sure we understand what to do in case of an issue. Our IT department leads the charge on this, but every employee is responsible for consuming the content and educating themselves in order to ensure the safety of our company.
Now that you have your security officer, and your employees are learning about cybersecurity, it’s time to come up with security policies and procedures. Outline the do’s and don’ts specific to your company so that everyone can be on the same page. Having strict guidelines eliminates any grey areas and reduces your risk of an attack.
Cyber threats aren’t slowing down. The global cost of cybercrime is expected to reach $6 trillion annually by 2021. It’s time to start acting proactively instead of reactively when it comes to these risks.