Small businesses can make the mistake of thinking that hackers will not have any interest in targeting their company. I regularly hear comments such as “I have no information of value.” or “Who’d want to gain access to my data.” However, a recent Symantec study found that over 60% of cyber-attacks actively targeted small businesses. The truth is: Hackers love small businesses.
Unlike large enterprises, smaller businesses typically do not have the resources to put sophisticated IT defences in place. Their networks are often much easier to breach, often with simple phishing attacks or malware downloads which arrive via email. It is easy to target small businesses as they are susceptible to automated scripted attacks that exploit vulnerabilities such as unpatched operating system and third party software.
All businesses, irrespective of size, hold valuable information such as employee personal data and company financial data. Your company may even realise that it is holding sensitive data about a third party company which may be of interest to a hacker. A hack of the large retailer Target was traced to a breach of one of it’s service providers, a small HVAC company, who had direct access to Target’s IT network.
A retailer will handle customer credit cards through which they process financial transactions. A hairdresser or beautician may handle customer email addresses, phone numbers, and passwords through their salon booking software. An accountant will processes sensitive financial and organisational data on behalf of their clients. A doctor’s surgery hill will hold private health information on behalf of their patients.
The first step in protecting your business against cyber threats is to first acknowledge the real cyber risks that threaten your sensitive data and to stop thinking that you are too small to get hacked.
Stay tuned for more articles on how you can protect your business.