Implementing proper cyber security measures is often a luxury and not a necessity to most of the small business owners. According to a survey of small-business owners by Nationwide found only 13% of respondents believed they had experienced a cyber attack. Unfortunately, small business houses are the soft target of cyber criminals which can cripple a company causing damage to reputation, money and time.
If your favorite café lounge or fitness center does not have their cyber security measures in place, then you must be worried. When business owners were given a list of cyber attacks to review, 58% realized that they have been victimized. And mind it; this happened only after understanding which incidents are classified as cyber attacks. "Although awareness is increasing, small-business owners are still not even realizing when they've been victims of cyber attacks," said Karen Johnston, technical consultant for Nationwide. "Small-business owners have a misconception that cybercriminals are only targeting large corporations, but that couldn't be further from the truth.
The most common attacks identified by the victims are phishing, computer viruses, Trojan horses, data breaches, ransomwares etc. But the question arises, why the small business houses are being targeted by the criminals? There are few reasons:
Organizations often find it difficult to recover from a cyber attack for the lack of its response plan in place to protect employee data or client data. Though majority of business owners admit that it's important to implement cyber security best practices, very few have actually executed the plan.
85% of small businesses say it's important to protect their company's computers against viruses, spyware and other malicious code. Where 65% of small businesses who actually protect their company's computers.
85% admits it's important to secure their company’s computer, where only 58% actually secure their company's computers.
85% say it's important to make regular backups of business data and information and 59% actually make regular backups of business data and information.
83% say that it's important to establish security practices and policies to protect sensitive information and only 50% actually establish security practices and policies.
81% say it's important to control physical access to computers and network components and 60% actually control physical access to computers and network components.
80% admits it's important to require employees to use strong passwords and to change them often and 52% actually require employees to do so.
But this doesn't mean that consumer data is secured with large firms. "Equifax" is a perfect example of a large sophisticated business, which actually has a significant cyber security budget, and yet they were not able to protect themselves," said Adam Bobrow, chief executive officer of Foresight Resilience Strategies. "You can't use a company's size as an indicator of whether it's going to be cyber secure." So, consumers also need to be very careful while giving out their personal data as it’s a matter of their own safety.
Statistics from: smallbusiness.com