Everybody gets hacked, but not everything makes the evening news. We hear about very large companies like Target, Home Depot, Capital One, and Facebook getting hacked. What we rarely hear about are the smaller ones – the small and midsized businesses that make up 99.7% of employers in the United States, according to the Small Business Administration. It’s these businesses that are the biggest targets of cybercriminals.
Basically, if you run a business, that business is a potential target. It doesn’t matter what industry you’re in, what you sell, or how popular you are. Criminals target everyone. In 2018, a cybersecurity survey by the Ponemon Institute found that 67% of small and midsize businesses (SMBs) in the U.S. and U.K. were hit by a cyber-attack.
For the cybercriminal, casting a wide net makes the most sense because it gets results. It puts them in a position where they are able to extort money, steal sensitive information, and ultimately profit off of destroying the property, prosperity, and reputation of others.
In 2018, 67% of small and midsize businesses (SMBs) in the U.S. and U.K. were hit by a cyber-attack
Why do cybercriminals love to target SMBs? There are a handful of reasons why small businesses make sense to attack.
1. Small Businesses Are The Most Vulnerable. Business owners, entrepreneurs, and executives aren’t always up-to-date on network security, current cyber threats, or best practices in IT. They have a business to run and that’s usually where their focus is. Unfortunately, that means cybersecurity can take a back seat to other things, like marketing or customer support. This also means they might not be investing in good network security or any IT security at all. It’s just not top-of-mind or they may feel that because it’s never happened to them, it never will (which is a dangerous way of thinking).
2. Some Businesses Don’t Take IT Security Seriously. Coming off that last point, it’s true that many businesses don’t properly secure their network because they feel that they aren’t vulnerable. They have the mindset of “It hasn’t happened to me, so it won’t.” Along those same lines, they might not even take password security seriously. According to research conducted by Trace Security, upward of 80% of ALL breaches come down to one vulnerability: weak passwords! Even in 2020, people are still using passwords like “12345” and “password” to protect sensitive data, such as banking information and customer records. Secure passwords that are changed regularly can protect your business!
3. Small & Midsize Businesses Often Don’t Have The Resources They Need. Generally speaking, large companies have more resources to put into IT security. While this isn’t always true (even big companies skimp on cybersecurity, as the headlines remind us), hackers spend less time focused on big targets because they assume it will take more of their own resources (time and effort) to get what they want (money or sensitive data). Many SMBs lack the resources like capital and personnel to put toward IT security, so hackers are more confident in attacking these businesses.
Just because you haven’t had any major problems for years – or at all – is a bad excuse for not maintaining your technology systems. Threats are growing in number by the day. While many small businesses might think, “I don’t have the time or resources for good security,” that’s not true! You don’t need to. Businesses of every size, regardless of their security risk in the past, need to prioritize security. And one great thing about technology today – while many hackers are doing everything they can to use technology against us, you can use it against them too. Partnering with a dedicated and experienced IT security solutions team at a reputable technology consulting company can help you go to work fighting the good fight.