It’s still easy to sit back and say, “What’s the problem? I just won’t click any suspicious emails or visit any “not safe for work” websites…how on earth are these supposed hackers going to cause issues with my tiny widget business?”
Six ways YOUR business may be targeted:
- Your internal and internet facing network. How strict is your wireless access? Who has permission to install software, and how regularly do you backup critical systems? Then think about the internet aspects of your business. How regularly are your internet connections’ and web applications’ vulnerability tested? Is your firewall properly maintained? Badly maintained and protected wireless and internet connections can easily let in hackers and other cyber criminals. If it isn’t secure, it could let in the following nasties…
- Malware (phishing, viruses, Trojans, worms, spyware and zombies)– short for malicious software, this is software used to disrupt computer operation, gather sensitive information, or gain access to private computer to find personal data, passwords and financial information. Malware is becoming more sophisticated, with recent malware programs all targeted at siphoning financial information. These people behind the malware programs are cyber-crooks, out to defraud individuals and organizations for financial gain. They steal personal banking information to transfer money out of users’ bank accounts and into their own. They also launch distributed “denial of service” attacks against corporations and ask for money in exchange for an end to the attack – basically, a form of blackmail.
- Revenge Hacking – in business, it’s easy to annoy someone enough to make them want to target you. Disgruntled ex-employees or unsavoury competitors can try to hack into your system to disrupt your company. A SME in the North East of England was the most recent victim of a “revenge hack”. An employee who had been sacked for gross misconduct, hacked into the energy company’s system, and shut down the online shop and website for a full two days, and posted a rather unsavory message on their website and social media platforms. It took a full two weeks to change the passwords and reset the system, and left a huge dent in the company’s profits and reputation. Other employees might just download databases of information, and share them elsewhere for their own profit, or take them to a competitor.
- Bring your own device to work – More than 95% of SMEs already allow personal devices to connect to internal systems, but few are fully considering the risks. These include personal laptops, smart phones or tablets. These are usually not checked by the company so could be infected with malware that could then infect your network, or could be used to download databases full of sensitive company data. Further risk comes in the form of overloaded networks – the extra capacity needed to run all these devices can overload your networks, letting malware sneak in to cause major problems.
- Make sure your suppliers aren’t your weakest link – The cloud is a technology many SMEs are interested in because of the benefits of flexibility, cost and less money needed for new hardware. But there remain questions over its security. Make sure you use professional, reliable providers and suppliers – check online reviews and reports – otherwise badly created or maintained systems can be easily infected. Perhaps you could even create a short series of questions for your suppliers to check that THEY understand the need for cyber security, and they are doing their best to protect their own business and customers against cyber criminals.
- The employee – As a small business, you probably have less money to invest in in-house IT expertise, preferring to use IT support partners when and where needed. It is the individual employee who could be a problem. You could spend thousands on cyber security, and still be let down by an individual who unwittingly clicks on a “phishing” email, or brings in an infected USB device.
Damage to YOUR business
Anyone of these cyber threats and crimes can cause HUGE problems for your small business. Once your security is breached, and the criminals have gathered information on your customers and their financial information, it will take you a long time to recover. A depressing statistic has reported that 60% of SMEs that have been a victim of cyber-crime fail within 6 months…
Sorry to be negative. But the damage to your brand will probably be irreparable. Your reputation will most definitely be damaged. No one is going to want to shop with a business that is unsafe, and may be unwittingly sending their details to be used by criminal gangs for their own nefarious purposes.
Huge businesses have massive problems once their security is breached (look at the recent Target security breach, the Orange data hacking problem, the Yahoo data breach), so can you imagine what it can do to a small business like yours?
Not only that, but if you supply a larger business, and they discover you’ve been hacked, they’re going to drop you like a hot potato. No one wants to do business with someone who could infect their IT systems. Small companies are vulnerable, and this vulnerability moves up the chain. For example, a small firm may have their email hacked, handing the cyber crime details of the large enterprises that they supply, who the large company’s contact is and what they buy. This information can then be used in phishing attacks on the big businesses.
Small and medium sized businesses need to realize how damaging cyber-crime can be, and how their lack of knowledge and interest makes them especially vulnerable to these criminals.
Alright, alright! I get it! So, how do I protect against these problems?
You don’t have the IT budget of the big companies, but there is still a lot you can do to stop these cyber threats.
- Staff Awareness, education and training- Educate yourself and your employees on the importance of safe and secure computing. Speak to an expert, who can tailor his advice to the size of your company and the threats it may face. Understand what cyber threats are, and the types that you might face, and the problems they could cause. Have regular training sessions to educate the team on best practice – what to do when bringing in their own device and the types of dangerous emails they may receive.
Do you need to fortify your environment for Compliance reasons? Is your business prepared for a business crippling event such as a cyber attack and or a catastrophic hardware failure? No, REALLY??
60% of Small to Medium sized businesses go out of business within 6 months of a Cyber attack like a RansomWare virus.
Having a Business Continuity plan that stays tried, updated, and tested on a regular report able basis is essential and a small investment in the future stability of the business. Because lets’s face, there’s only 2 types of businesses. The one’s that have been hit hard by a business crippling virus or some sort of cyber attack AND the ones that haven’t yet. The difference always comes down to the ones who are prepared vs the ones who are not. The prepared recover and minimize the damage. The later often crash and burn.
Give us a call and schedule an appointment to discuss a risk assessment to identify the potential dangerous pinholes in your network as well as help set you up with plan of action for fortifying your business against attack from internal or external! Call today 818-356-7188