Cybersecurity: A Problem too Big for Small Businesses to Ignore

It seems like every day there is a new story of a data breach or cyber-attack reported in the news. As more and more of our activities take place online the threat of cybersecurity increases.

Despite this, few small businesses take steps to protect their systems and information from cyber-attacks. In fact, studies show that 54% of small businesses believe hackers aren’t interested in their company because it’s “too small.”  If you happen to fall into that category, consider these facts:

  • 43% of cyber-attacks target small businesses
  • 60% of those companies don’t recover and go out of business.

Yes, you read that correctly. More than half of small businesses that suffer from a cyber-attack will close.

If that’s not enough to spur you into action, chew on this: the risks of insecure information include:

  • Loss of revenue
  • Loss of customers
  • Loss of productivity
  • Loss of contracts
  • Financial penalties
  • Lawsuits

So what can you do?

The first step is gaining an awareness of the cyber-threats you face, in order to protect against them.

Top 3 Cyber Threats to Small Businesses

#1 Ransomware

I am sure by now everyone is familiar with Ransomware.  It is a specific type of malware that encrypts a victim’s files and makes the device where they are stored inoperable.  Once the malware is on your system, the attacker demands to be paid a ransom from the victim to restore access to the encrypted files.  The most recent and largest-known attack occurred just last week on U.S. energy infrastructure, Colonial Pipeline

Ransomware can be disastrous for a small business. Without access to systems and data, business operations will be severely limited.  Paying the ransom does not always guarantee that the files will be restored.  Recovery can be both timely and costly

#2 Phishing attacks

The most common method of attack, phishing, is the fraudulent attempt to steal sensitive information, such as passwords, credit card numbers, or other personal details by pretending to be a trusted source. Since the onset of the pandemic, there has been a 600% increase in phishing. 

While there are several types of phishing, email phishing is the most common method.  Email phishing is a method used by hackers to trick you into providing sensitive information such as login credentials or back account information.  The spoofed email appears to be from a legitimate source, such as a supplier or, even someone within your organization.  Once they gain access to your information, they will attempt to install malware on your device or steal data.

#3 Remote Workers

The increase in remote workers has also increased the threat of cyber-attacks, as workers use home networks and personal devices that may be vulnerable.

This type of threat is often overlooked because it involves an employee or business partner.  Even if you have taken steps to secure your systems, an unsecured personal device, such as a cell phone, could be used as a gateway to allow sensitive information about your business to be leaked or stolen.

Why Small Businesses are Targeted

Cyber criminals have learned that small businesses are less likely to have strong security measures implemented.  Criminals go after weaker targets because it will yield results with minimal effort. 

Hackers may also use small businesses as an attack vector to target a much larger company.  While large companies have the resources to defend against a cyber-attack, they may inadvertently be compromised because of an attack on an insecure small business in its supply chain. This is just one of the reasons for the DoD’s new CMMC requirement for federal contractors. 

At Wells Mason, we understand that cybersecurity is a challenge for small businesses. Beyond the expense of implementing security measures, it may feel onerous to go through the steps required to keep information secure. Yet, when done right, cybersecurity can increase productivity, enhance product integrity, and improve the customer’s experience. 

If you’d like to understand what a cybersecurity plan would look like for your business, contact us today for a free consultation. T

Leave a comment

Your email address will not be published. Required fields are marked *

Get In Touch

Are you ready to chat about your organization’s cybersecurity initiatives? Tell us more about your organization and its needs and let’s start the conversation.