Directive Blogs
4 Facts About Cybersecurity Oneonta Business Owners Need to Know
If you are going to take away any information about cybersecurity, these four facts are the most important. More importantly, taking them seriously will likely help you and your business stay out of serious danger, avoid data loss, and prevent massive unexpected loss in revenue.
No Business is Too Small to Avoid Cyberthreats
It’s so easy to feel like you are safe simply because you are just a small, local business. After all, you don’t hear about local businesses getting hacked in the headlines. Most of the time, you only hear about huge corporations dealing with data breaches and other attacks because the attack involves the personal data of thousands or millions of people. Something that large-scale definitely gets plenty of news coverage, and depending on the industry, the different states and countries the corporation does business in, and various other factors, they might be required by law to report it and make public statements.
When smaller businesses get attacked, they might just bear the brunt of it and hope for the best. Or they simply file for bankruptcy, if it’s bad enough. It also depends on what kind of data you store, the nature of the hack, who is affected, and other factors. If a restaurant with cloud-based point-of-sale systems suffers some kind of an attack, they usually won’t have credit cards and customer information stolen, but they might lose the ability to take payments for a day or two, or they might only have employee information stolen, depending on how and where they store their data. That’s still bad—really bad, but at least it doesn’t involve a huge amount of public damage control.
A whopping 43 percent of all cyberattacks target small businesses. Sure, the bigger organizations paint bigger, more attractive targets on their backs, but smaller businesses tend to be easier targets, and the payoff for the criminals is well worth the effort.
The bottom line is that you are not immune. It’s just a matter of when you’ll get attacked (or get attacked again).
Cyberattacks are Getting More and More Expensive
Who has an extra ten grand to just throw away? Not only are cyberattacks becoming more and more frequent every year, but the costs associated with them go up in terms of productivity lost through downtime, infrastructure costs, damage control, and returning to normal.
On top of that, most modern attacks are financially motivated. This isn’t like the early 2000s where viruses and malware were simply destructive. There are several ways cybercriminals gain from their work, the most popular are:
- Cryptomining - This is hidden malware that runs in the background of your computers, slowing them down and making it harder to get work done. It isn’t extremely disruptive, but over time it does cause issues, and at the same time, the criminals are producing cryptocurrency with your hardware.
- Selling Sensitive Information on the Dark Web - Personal information like names, birthdates, emails, usernames, passwords, medical info, and credit card info all have a dollar amount on the Dark Web.
- Extortion and Ransomware - This is by far the most common threat small businesses face. Ransomware quickly locks down every file and folder on a computer or across a network, and doesn’t give you access unless you pay the ransom, which can be hundreds, thousands, or hundreds of thousands of dollars. Sometimes, the criminal even threatens to leak all of the data and make it public if you don’t pay the ransom.
Cybercriminals Treat Their Work Like a Business
Forget what you think you know about hackers. Hollywood always portrays hackers as nerdy basement-dwelling shut-ins who have it out for society, but in real life, most cybercrime is actually performed by groups of people that more or less resemble a business.
Like any business, they optimize their processes and tweak their methods to get the highest return. They are constantly working towards causing the most harm and earning the most money by exploiting individuals and organizations.
In fact, investigations have shown that the source of a lot of online malware, scams, and cyberattacks lead back to actual offices that look just like any other office—watercoolers and all. Employees are given quotas, call scripts, email scripts, and other resources that work, and are expected to make their organization money. What’s worse, is some of these “businesses” overseas have been caught using human trafficking victims to do the dirty work.
Essentially, paying the ransom that comes with ransomware doesn’t just encourage the criminals to keep doing what they are doing—it feeds into something far, far worse.
Employees are a Major Vulnerability
Cybercriminals know that most businesses are equipping themselves with decent security solutions, and most cybercriminals aren’t as technically savvy (yet) to crack through them. This is good, but that just means the bad guys have tweaked their tactics. In their eyes, it’s much easier to get through a receptionist than it is to get through a firewall, and the payoff is still there.
Employees are usually the ones getting targeted with attacks, and in some cases, they are attacked on a daily basis. Between phishing attacks, texting scams, malware, social media scams, and countless other types of attacks, it’s only a matter of time before someone slips and makes a mistake.
In fact, 95% of cyberattacks can be walked back to simple human error. That also includes things like not running an update on a computer (if that is the user’s responsibility—it shouldn’t be, though) or having a weak password.
That being said, business owners and executives can’t ignore proper cybersecurity best practices. Those in power need to have good passwords, avoid scams, and take precaution when it comes to protecting their information. Your email inboxes and other accounts hold a lot of sensitive information, and you likely have access to plenty more. You should be working twice as hard to protect it.
Proper Cybersecurity Isn’t as Difficult (or Expensive) as it Sounds
Yes, it takes effort, and yes, it takes an investment, but in the grand scheme of things, IT security is something that keeps the wheels spinning and the lights on. You need to avoid threats that would otherwise cause massive pain and monetary damage to your business.
We help businesses and organizations of all sizes throughout Otsego, Chenango, and Delaware county meet and exceed cybersecurity compliance requirements, and we help protect businesses from threats while maintaining their technology.
If you need an IT provider in your corner that you can trust, give Directive a call at 607.433.2200 to set up a free consultation.