The most famous last words of cybersecurity
.png)
Ops and BD
Introduction
The biggest mistake that smaller companies and businesses make when it comes to cyberattacks is thinking that they are not at risk, or that it will never happen to them. We often refer to this phenomenon as “security through obscurity.” While not the safest strategy 5 or 10 years ago, many businesses successfully operated under this premise as their chances of suffering a cyberattack then were significantly less than they are today.
Unfortunately, times have changed and the common perception of “it won’t happen to me” is no longer the reality. As larger companies have started to get better at cybersecurity and preventing cyberattacks, attackers are increasingly moving downstream and targeting smaller businesses which represent easier targets. The advent of AI has helped to make the automation of simultaneous attacks on multiple small businesses at once possible. Furthermore, the dawn of crypto currencies has helped to make ransom payments untraceable to law enforcement and has facilitated this move downstream for bad actors making smaller attacks and ransom requests more worthwhile for them.
For the first time ever last year, the majority of small businesses were the target of a cyberattack. This is a sobering statistic. However, many businesses still have their head in the sand and make excuses at their own peril.
.png)
Here are some of the most common “famous last words” of cybersecurity for small businesses:
1. “Hackers Don’t Care About My Business, I’m Too Small”
The truth is that the data shows that hackers DO care about your business. Strong DM reported in the last year that 61% of SMBs were the target of a cyberattack, and Expert Insights recently reported that 71% of all ransomware attacks now target small businesses.
2. “My IT Person Handles It”
Do they? Do you actually have a good understanding of what your IT professional is doing to protect you? Many IT workers are great security generalists, but they might not specialize in cybersecurity.
3. “I’m Secure. I Have Anti-Virus”
Anti-Virus is one important part of cybersecurity, but it is far from a panacea to all cybersecurity risks. Real cybersecurity involves a holistic approach. Most smaller companies tend to focus only on one or two areas of potential risk and think they are covered. It is only when they are attacked in another area where they have little or no defense that they learn this painful lesson.
4. “It’s Too Complex - I Don’t Know What to Do”
The “Cybersecurity Industrial Complex” has a vested interest in making everyday business owners think that cybersecurity is complicated and expensive. It does not have to be. However, it is in their economic interest to make smaller companies and businesses think that it is. Small businesses need to understand that there are now inexpensive and effective ways to protect themselves that don’t involve cobbling together overly expensive and complicated point solutions designed for large companies.
5. “I Don’t Need Security - I Don’t Have Anything to Protect”
Does your business create invoices or collect credit card information? Do you interact or house any data from customers or any other partners that you do business with? Do you use any apps (i.e. Email, Zoom, Slack) on multiple devices, or store any information in the cloud? If your answer was “yes” to any of these questions, then you do have information to protect…and to lose if a hacker gets control of it.
Like any form of risk mitigation, cybersecurity takes a bit of effort and work. However, the benefits of those efforts far outweigh the costs. As the old saying goes, an ounce of prevention is worth a pound of cure. Don’t be a victim. Take control of your destiny by creating a cybersecure future for your business. We help small businesses get secure every day, and we’d love to help you too!
