We’ve seen something like it a hundred times before.
Files—missing. Credentials—stolen. The whole network had been compromised.
The owner is in shambles. Sweat dripping down his face, he keeps tugging on his necktie and wringing his hands. “What am I gonna do?” he asks. He’s got a reputation to worry about. Word can’t get out.
“Should have thought about that before it all went wrong, pal.”
I shake my head. He called the right guys for the job, but the lead’s already cold. Now we gotta start from scratch.
Let’s talk security
You’ve heard about all the big breaches in the last couple of years. Big businesses are big targets for cybercriminals, especially those that deal with more vital data like social security numbers and the like.
Equifax is one of the more wide-reaching examples, with approximately 147.9 million customers’ information compromised. Social security numbers, birthdates, addresses and driver’s license numbers were all bits of data that were exposed.
But you’re not one of the big guys. You don’t have the high profile that Equifax or Yahoo does. Why would anyone attack little-old-you?
Cybercriminals can make a quick buck off of smaller businesses because SMBs make for an easier target.
SMBs generally don’t have the same security resources to deter a data breach that enterprises do. Additionally, since the company is small it won’t have a lot of extra resources. The business will likely devote its energies to recovery and continuity than it will tracking down the criminal.
According to Verizon’s 2018 Data Breach investigation (read the summary here) small businesses accounted for 58% of breach victims. Do you like those odds?
If you’ve got more time, here’s the full report.
Here’s the skinny
Cybercrime is a huge problem right now and things aren’t looking to get any better. With this in mind, it’s tough to believe that 77% of companies don’t have a solid plan in place for dealing with a cybersecurity breach.
If you haven’t given any thought to what you would do about a breach, let us tell you why you should.
Breaches are getting more expensive
From high-profile to low-profile, a breach is costly. As of 2018, the average cost comes out to around $1.23 million for enterprises and $120k for small businesses.
A lot of businesses can’t stay open after a hit like that. Even if you could take the hit, why waste the money on something like a security breach, especially if it could have been prevented?
Criminals are using different angles of attack
Danger doesn’t just come from “hackers” working their magic on your server’s code.
An effective cybersecurity plan not only includes things like strong firewalls or good encryption on your data. It also includes employee education and best-practices training. One of the most common ways that online criminals gain access to a network is via email, usually by a technique known on the streets as phishing.
People are the weak point in this equation, not the technology.
Prevention isn’t enough anymore
Sometimes a good defense isn’t enough. Cybercriminals are clever and develop new techniques all the time. Maybe someone got phished, as mentioned above.
After a breach is found, depending on the circumstances, it can take up to 266 days to get a lid on the situation.
Prevention is all well and good, but proactive measures, like monitoring and testing, are the best ways to make sure that damage is kept to a minimum when something does go wrong. This is going to be the new industry standard in the future.
Don’t panic just yet
We’re not here to scare you, just to let you know that security is serious business.
Start thinking about what you can do to cover your bases. Look into best practices. Be on the lookout for suspicious activity. Ask the experts for a professional opinion or some guidance.
You can always get in touch with us if you need someone in your corner.