Maybe you’ve heard this one before… “Hackers prefer to exploit big, lucrative targets.” And with massive cybersecurity breaches like those at Adobe, Equifax, Target and Facebook grabbing the headlines, it’s understandable that small and medium-sized businesses (SMBs) might think they’re safe… too small to be a hacker’s target. It’s the old, “just blend in and avoid trouble” strategy. But the problem with that strategy, and actually there are a bunch of problems with that strategy, but the biggest problem?
It just… doesn’t… work. And blind faith in this “small = safe” fallacy puts dozens of SMBs out of business every single day.
**SPOILER ALERT** It’s not a question of *if* you’ll be the target of a cyberattack. As an SMB, you are a target, you already were a target, and you will absolutely be targeted again.
But why? Why SMBs? Why now? What can you do about it? Let’s unpack this a bit…
There are at least 3 basic reasons:
- Value: nearly every SMB (including yours) holds a treasure trove of valuable data that can be exploited; such as customer addresses, payment information and trade secrets.
- Ease: Unlike larger corporations, SMBs typically have very modest security resources, making them a soft (easy) target for hackers. And then there’s the hacker’s leverage. Particularly when it comes to ransomware, SMB owners often feel forced into a “do or die” situation, paying a handsome ransom to regain access to their computers, business-critical data, intellectual property, inventory and financial information. In multiple interviews with SMB owners who’d paid hundreds, or thousands or hundreds of thousands of dollars in ransom, a common theme was the small business owner’s desperation to avoid the liability, embarrassment and reputational damage which threatened to destroy what they’d personally worked so hard to build.
- Volume: According to Deloitte, there are roughly 29 million SMBs in the US. If the Bad Actor can’t hack Jack’s Snack Shack, do they give up their nefarious ways for a new life of pro bono web development for philanthropic causes? Sadly, no. Not while there are 28,999,999* other SMB targets of cyberattack opportunity ripe for the hackin’.
*WARNING — As one SMB in 29M, you might be tempted to think that there’s safety in numbers. There’s not. More on that in a moment.
COVID-19 has created unprecedented disruption and uncertainty in every country, industry, business, and for many millions of hard-working people. The pandemic has also created new concerns for SMBs, particularly as they relate to remote environments. In interviews with Vanson Bourne Research/ConnectWise, 79% of SMB owners admitted that they’re worried about their remote devices or remote employees being breached. Looking further ahead and although still a relatively new frontier for most SMBs, the majority of owners surveyed expect that at least 1/3 of their workforce will continue to be either remote or in a hybrid workplace arrangement through the early months of 2022.
BIG PICTURE: 86% percent of SMB owners say that cybersecurity is within their top five priorities for their organization in 2021. And according to the numbers, it should be.
According to the Ponemon Institute’s 2019 State of Cybersecurity in Small and Medium-Sized Businesses report, cyberattacks have increased dramatically over the past 4 years. Seventy-six percent of companies in the United States were attacked in 2019… a significant surge from 55% just two years earlier. Sixty-nine percent of US businesses reported data breaches in 2019, up from 50% in 2016.
The financial consequences for businesses which are victims of cyberattacks have also increased considerably. In 2020, the average cost of a security breach or theft of IT assets and infrastructure for an SMB was more than $200,000. Worse yet, for the majority of SMBs impacted, that breach was a deathblow. More than 60% did not survive and were out of business within 6 months of being victimized. While 2021 data is still being compiled and analyzed, these troubling trends are expected to continue.
Target or victim? Pick one.
As an SMB, being proactive when it comes to cybersecurity is the only way to stop “being the target of a cybersecurity attack” from becoming “being the victim of a cybersecurity attack.” You are already a target. Will you be a victim? That’s an important, and potentially $200,000+ distinction.
Regardless of industry, but especially now, your SMB needs cutting-edge cybersecurity solutions to protect your business from ever-growing cybersecurity threats. The most effective strategy to help prevent cyberattacks and protect your business from malicious threats is the one that, by design, fits the specific needs of your business. As a managed IT services provider (MSP), businesses of all sizes across the upper Midwest look to Citon for trusted cybersecurity expertise and robust, scalable, dynamic solutions to protect against significant losses. Citon offers a full range of proactive IT support which focuses on advanced security, around-the-clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection, security awareness training, and more.
Best of all, because managed services are designed to identify and fix weak spots in your IT infrastructure, you’ll optimize the digital backbone of your business processes. You’ll have faster network performance, a solid business continuity and disaster recovery strategy, and minimal downtime, backed by a dedicated, friendly team of local IT professionals ready to assist you with any technology problems you may encounter.
If you’d like to know more about how Citon’s managed services can benefit your business, reach out — we’re here to help protect what you’ve worked so hard to build.
Acknowledgements include: the Ponemon Institute, TechAdvisory.org and Vanson Bourne Research/ConnectWise.