I’m Not Big Enough To Be A Target Of Cyber Attacks

By Author: Discover the benefits of predictable IT expenses, allowing you to forecast for growth and save your
Total Articles: 5
Comment this article

Think again. Small companies are an ever growing ripe target base for the cybercriminal community.
Who do you do business with? Who do you service?
In 2013 when retailer Target was hacked the damage was so extensive that costs exceeded $250 million. Don’t get me wrong, Target’s external-facing cybersecurity wasn’t terrible, the attack came through a mom-and-pop type HVAC vendor with, what turned out to be, unnecessary access to Target’s network.
Small companies, like the HVAC company, are often targeted because they are unaware of, or operate under the illusion that they have no reason to be targeted by a cyberattack. Not only is this wrong, but the potential risk is magnified.
How about your local neighborhood mortgage attorney? Why would they need anything beyond run in the mill security measures? After all, its network doesn’t store much financial data, and it only maintains personal information on its clients, a few attorneys and its staff. Or the neighborhood Real Estate broker, or even pharmacist?
How could they all be possible targets? Cybersecurity isn’t necessary unless you’re ...
... a nation-wide retailer or a big bank, right? Wrong. Hackers make their living on that thinking.
You see, in every business, if you have something worth selling, you have something worth stealing. In the cases mentioned above, the companies are at a heightened level of risk because cybercriminals are on the prowl for the private, business, personal, or medical information available. One leaked email can confirm something, leak something, reveal something, or release a hacker on a trail that could lead to a windfall.
So while the data might not be as plentiful or the payout yield the same big profits or immediate returns that information stolen from a big bank or mighty company, it’s still valuable.
This volatile cocktail mix of financial motive and easy access should be alarming to us all. Not only for small firms but also their customers they serve and our data which resides with all of them.
The effects of breaches on small companies and their customers are severe. In the Target hack, the retailer’s sporting goods customers were just as much affected as its electronics or clothing customers.
The customers who had purchased anything, were all exposed.
So how can small companies protect themselves and compete?
A small company serving mid and small markets is typically small itself. An employee at a Fortune 500 company probably can’t forward a phishing email to his CEO, but at a small company, it’s more likely. That means it’s important for every employee to be diligent and exercise good cyber hygiene. Companies need to acquire some cyber awareness training.
Another step in mitigating cyber risk is to offset some of the risk by passing it off to an insurer. Insurance companies are increasingly getting into the cyber insurance market. Without some indemnification, a serious breach at a small company could lead to insolvency and send shock waves to its customers. Even a small amount of coverage protects not only the company but client base.
Lastly, every company should have the basics of good security protection installed. A managed anti-virus product, a smart firewall, and a good backup and business continuity solution.