With so much of the consumer and business worlds existing predominantly online, cybersecurity has never been more critical. Out of necessity, individuals and organizations alike have already incorporated digital vigilance into their routines. For instance, consumers are hesitant to provide their social security number or medical records to a company that has just been hacked, and the majority of businesses recognize that they are completely responsible for the security of their customer and employee data. In fact, it's widely acknowledged that few businesses are capable of survival when customer trust is broken.
Despite these realities, many small-medium businesses (SMBs) are failing to protect themselves, their employees and their customers. Only 14 percent of SMBs rate their ability to mitigate cyber-risks, vulnerabilities and attacks as highly effective, and more than 50 percent of SMBs have experienced some kind of cyberattack in the past 12 months. Even more startling,65 percent of SMBs with a password policy report they do not strictly enforce it, and a whopping 75 percent of SMBs don't have cyber-risk insurance or aren't sure if their policy will cover a cyberattack.
There are a myriad of reasons why SMBs lag behind larger businesses-and even consumers-when it comes to cybersecurity. First, many believe they couldn't possibly be a target. They mistakenly rest easy, assuming that as a 'small fish,' malicious hackers won't notice them and instead focus on larger prey (i.e. enterprise organizations). However, 43 percent of phishing campaigns target SMBs specifically, which marks a dramatic increase since 2011 when just 18 percent of phishing campaigns targeted SMBs.
Another reason why SMBs fail to protect themselves is because the cybersecurity market is frankly overcrowded and confusing. A quick Google search for "cybersecurity solution" populates more than 15,300,000 results, and few cybersecurity companies focus on catering to SMBs, making it near impossible to differentiate between the slew of various products available and pinpoint one that best fits the unique needs of a growing business.
Perhaps the most dangerous disconnect between SMBs and cybersecurity is that many "feel they don't store any valuable data," according to research from Symantec. The majority of SMBs do store valuable customer information; information that serves as highly enticing targets for hackers. In fact, 68 percent of SMBs store email address, 64 percent store phone numbers and 54 percent store billing addresses.
To read the full article, head over to SIA Update.