There are many businesses that deal in volume, WalMart and Amazon are the current giants in this arena. Instead of selling big-ticket items to a small number of clients you can make just as much money, or perhaps more, by selling many cheaper items at a smaller profit. Selling big-ticket items is much more of a pain: highly paid sales staff, contracts, and negotiations, not to mention spreading your profit thin while waiting for the next big deal. Cybercriminals have found this out too, which is why they are moving from hitting large enterprises with deep pockets to local governments and small and medium-sized businesses. 43% of cyber attacks now target small business and this number is growing.
Large enterprises have IT staff, cybersecurity staff, C-level technical executives, and board members investing in cybersecurity programs. The work required is high, the payoff can be huge, but the authorities will also take notice. Instead, what if attackers were to hit many smaller businesses at lower payouts but with little effort and much less of a chance of anyone taking notice?
SMBs typically have little in the way of cybersecurity maturity, particularly in the areas of Detection and Incident Response. 60% have no cybersecurity plan whatsoever (https://www.keepersecurity.com/blog/2019/07/24/cyber-mindset-exposed-keeper-unveils-its-2019-smb-cyberthreat-study/). Ransomware attacks are especially effective against businesses that would be willing to pay thousands in Bitcoin to regain access to their computers and business data. Not having an available point of sale machine, not having access to customer data or not being able to make and receive payments can bankrupt a business in short order. While SMBs can’t afford to not pay the ransom, they can’t afford to pay it either. According to the National Cyber Security Alliance, 60 percent of small and midsized businesses that are hacked go out of business within six months.
As cybercriminals continue to target small businesses, owners need to learn how to protect themselves and their businesses. Luckily, there are people willing to help.
One in four SMBs that don’t have a cybersecurity plan say that they don’t know where to start. Timberwolf Information Security specializes in developing cybersecurity strategy for organizations of all sizes. Contact Us for more information on our SMB-focused cybersecurity programs.