Most people see cybersecurity as something that governments and corporations have to worry about. The truth is, however, businesses of all sizes are at risk of a cybersecurity breach.
According to the Department of Homeland Security, 40% of cyber attacks target businesses with fewer than 500 employees. In addition, about one in five small and midsize businesses reported a cyber attack over a two-year period. Computer crime has now bypassed illegal drugs as the country’s number-one criminal money maker, making it in every business owner’s best interest to safeguard their organization as much as possible.
Here are five common questions business owners and nonprofit organizations face about cybersecurity breaches:
What types of breaches are possible?
Businesses are seeing the full gambit of cyber attacks, ranging from man-in-the-middle-schemes to classic malware and phishing attacks. In most cases, the criminals are after credit card and banking information. However, a recent FBI report on identity theft noted that personnel records are becoming a growing area of concern.
Rather than attack a business directly, criminals break into a system and steal employee personal information. Then they use it to create “ghost identities.” As these attacks may not be recognized for some time after they’ve occurred, it can be difficult for authorities to combat them. Seasonal businesses are especially vulnerable to this type of attack, as fluctuations in employee numbers can make it difficult to establish links between victims.
How much could cyber attacks cost a business?
Estimates of what a cyber attack can cost a business vary greatly. At a minimum, a small retail establishment or seasonal business might lose $38,000 to $55,000 due to an attack. This number includes lost productivity and the cost of paying for professional expertise to fix the security breach. This does not include damages to victims, fines and legal fees which could be exorbitant and reach the millions.
For larger businesses, the losses are not just financial in nature and significant in size. Customer loss of confidence in the company and system downtime only add to the problems of establishing the actual cost of an attack.
Do hackers target small businesses?
Hacks on small business have become so frequent that Congress is considering legislation to help establish guidelines and resources to help small business owners protect themselves.
Criminals consider small and mid-sized businesses to be softer targets than large companies. Most entrepreneurs and smaller companies don’t have the resources to maintain full-time information technology personnel, or update and monitor their security constantly to combat the latest threats.
According to the Department of Homeland Security, 40% of cyber attacks target businesses with fewer than 500 employees. In addition, about one in five small and midsize businesses reported a cyber attack over a two-year period. Computer crime has now bypassed illegal drugs as the country’s number-one criminal money maker, making it in every business owner’s best interest to safeguard their organization as much as possible.
Here are five common questions business owners and nonprofit organizations face about cybersecurity breaches:
What types of breaches are possible?
Businesses are seeing the full gambit of cyber attacks, ranging from man-in-the-middle-schemes to classic malware and phishing attacks. In most cases, the criminals are after credit card and banking information. However, a recent FBI report on identity theft noted that personnel records are becoming a growing area of concern.
Rather than attack a business directly, criminals break into a system and steal employee personal information. Then they use it to create “ghost identities.” As these attacks may not be recognized for some time after they’ve occurred, it can be difficult for authorities to combat them. Seasonal businesses are especially vulnerable to this type of attack, as fluctuations in employee numbers can make it difficult to establish links between victims.
How much could cyber attacks cost a business?
Estimates of what a cyber attack can cost a business vary greatly. At a minimum, a small retail establishment or seasonal business might lose $38,000 to $55,000 due to an attack. This number includes lost productivity and the cost of paying for professional expertise to fix the security breach. This does not include damages to victims, fines and legal fees which could be exorbitant and reach the millions.
For larger businesses, the losses are not just financial in nature and significant in size. Customer loss of confidence in the company and system downtime only add to the problems of establishing the actual cost of an attack.
Do hackers target small businesses?
Hacks on small business have become so frequent that Congress is considering legislation to help establish guidelines and resources to help small business owners protect themselves.
Criminals consider small and mid-sized businesses to be softer targets than large companies. Most entrepreneurs and smaller companies don’t have the resources to maintain full-time information technology personnel, or update and monitor their security constantly to combat the latest threats.
What can you do to protect yourself?
While cybersecurity is a never-ending war of measures and countermeasures, you can take some basic steps as a business owner to protect yourself from cyber breaches. Steven Weisman, senior lecturer at Bentley University, makes these suggestions:
While cybersecurity is a never-ending war of measures and countermeasures, you can take some basic steps as a business owner to protect yourself from cyber breaches. Steven Weisman, senior lecturer at Bentley University, makes these suggestions:
- Engage the assistance of security professionals. It costs less to harden your system than to recover from an attack.
- Install proper firewalls.
- Keep your security software up to date.
- Provide employee access to sensitive information only on a need-to-know basis.
- Train employees in proper security procedures.
- Encrypt all data.
- Do not permit unauthorized devices to be plugged into office computers.
- Limit internet access on your computer systems.
- When replacing computers and other electronic devices, make sure all hard drives have been completely cleaned of information.
How can you recover?
After you have suffered a security breach, all you can do is pay for the damages and call in professionals to help recover your system. However, it is possible to protect yourself before any breach occurs.
No system is impervious to attack, so take the crucial steps required to be prepared ahead of time.
After you have suffered a security breach, all you can do is pay for the damages and call in professionals to help recover your system. However, it is possible to protect yourself before any breach occurs.
No system is impervious to attack, so take the crucial steps required to be prepared ahead of time.
SPEAK WITH A LOCAL INDEPENDENT AGENT
Selective offers our businesses more than just insurance. With additional services to help prevent and respond to data breaches and cyber events, businesses can reduce their risk. If your business is affected, Selective offers CyCurity® cyber liability insurance to mitigate loss and help your business recover. Contact your local Selective agent to learn more. Don’t have a Selective agent? Click below to search for an agent in your area.
