Why You Need to Get Serious About Cybersecurity
Are you a cybercrime target?
A whopping 43% of all data breaches target SMBs. [1] But despite this frightening reality, very few businesses are making IT security a priority this year. That's a big mistake, because small business owners are at a greater risk than they may think for data security problems and cybercrime.
Cybersecurity 101
Cyber attacks are targeting small businesses to a greater degree than in the past. Between 2017 and 2018 cyber attacks on SMBs went up from 61% to 67%, and data breaches increased from 54% to 58%, according to a study by the Ponemon Institute. [2]
Cyber attacks are costly and disruptive. Companies in the study that suffered an attack spent an average of $1.3 million due to damage or theft of IT assets. What's more, disruption to normal operations cost the affected businesses an average of $1.56 million.
However, small business owners remain inadequately prepared to defend against cyber attacks. According to Ponemon:
- Just 40% of respondents say the technologies they currently use adequately detect and block most cyber attacks.
- 70% say attacks have gotten past intrusion detection systems.
- 82% say attacks have gotten past their anti-virus solutions.
Common cybersecurity risks
Here are some of the most common weaknesses that make businesses vulnerable to cyber attacks—and how to get serious about defending yourself.
Cloud-based applications and data storage: Cloud usage is on the rise and expected to grow, which creates more opportunity for cybercriminals. Web-based attacks are the most common type of cybercrime, according to Ponemon, and 43% of respondents have suffered a data breach due to errors by third parties (such as contractors) that have access to cloud applications.
- Solution: Limit access to your cloud-based apps only to those who need it. Choose laptops with built-in encryption of storage drives for extra protection.
Phishing and social engineering: Humans remain a weak link in cybersecurity, which makes phishing and social engineering popular approaches for cybercriminals. Ponemon found 64% of small and midsized businesses that have a password policy do not strictly enforce it.
- Solution: Develop and enforce a cybersecurity policy that includes regular training and requires passwords be changed every six months at minimum. Guard against human error by buying PCs with strong multi-factor authentication mechanisms that combine factors such as PINs and fingerprints or passwords and facial recognition.
Mobile devices: Laptops, tablets, and smartphones used to access business-critical applications and networks create opportunity for cybercriminals. However, many businesses allow employees to use their own personal mobile devices for work.
- Solution: Provide employees with company-issued mobile devices so you can set up device management solutions. Require employees to use a password or biometric authentication to secure their mobile devices.
Networked peripherals: When printers, scanners, copiers, and fax machines are connected to your business network, they can provide easy entry points for cybercriminals.
- Solution: Choose printers with built-in security features that can detect and stop threats the moment they start. Establish and implement a security policy for printer use and restrict access to printers only to those who need them.
Remote work: Employees working in public settings or during business travel are at risk of having their notebooks or mobile devices stolen or compromised. Prying eyes may spy passwords or critical business data on a laptop screen.
- Solution: Prevent data theft and loss by choosing notebooks with a full stack of endpoint security features, including a Sure View integrated privacy screen that darkens to prevent visual hacking.
Stay proactive about cybersecurity
Business owners must take cybersecurity seriously. Developing smart policies and employing the proper technology can help you protect your small business from these very real risks.
Learn more about HP Business Security Solutions and how they can help your business.
[1] Verizon: 2020 Data Breach Investigations Report
[2] Keeper and Ponemon Institute: 2019 State of Cybersecurity in Small and Medium Sized Businesses
