If you’ve ever thought, “I’m such a small business, I don’t need to worry too much about cybercriminals targeting me, or my data,” you are mistaken. And it’s our happy job to change your opinion and put you as on guard when it comes to your system and data as if you were running a multi-million-pound operation.
Why you may think cybercriminals are not interested in small businesses
Maybe you’re a specialist service provider with only a handful of select clients. Maybe you literally sell only one low-price physical product in bulk and have extremely limited local customer data. Or maybe you broker services and see yourself as a middle-person, neither in one industry or another, with quite a fluid, undefined business of no possible interest to anyone wanting to steal data, funds or hold you to ransom.
It's a mistake to think that because you’re a small business, cybercriminals don’t want to target you.
Small businesses are increasingly just as likely to be targeted by cybercriminals
According to Verizon’s annual Data Breach Investigation Report, 46% of data breaches affected small businesses with less than 1,000 employees, and 90% of breaches were financially motivated.
Cybercriminals often don’t want the hassle and effort of attacking a large organisation, which, for one thing, has a lot more security in place than the average small business, and, should they succeed, attract a lot of attention. Large-scale breaches alert security experts to put new measures in place to stop cyberattacks, which effectively makes the cybercriminals’ job harder.
Effort compared to gains
Think of the effort it takes to hack into a large, security-switched on corporation or pull off a successful phishing attack from a workforce clued-up and trained in spotting scams and suspect emails. Now think of the effort it takes for an attacker to gain access to an IT system where everyone uses the word PASSWORD as their password and takes their security for granted.
Cybercriminals are not known for being intellectually challenged and can easily figure out that targeting 100 small businesses quickly and easily can ensure the same gains as from one attack on a larger-scale organisation, without the hassle or hard work.
It’s not just you, it’s your connections
It can be the case that a small business is targeted by a cybercriminal, not necessarily for what can be gained directly from them, but who they are connected to. Data breaches can reveal your suppliers and your customers and give valuable details to cybercriminals whose real target is someone in your chain.
Just by virtue of you being in proximity to a cybercriminal’s juicier target, makes you vulnerable to an attack.
If we suffer a data breach, we’ll just pay the fine and set up shop again
Really? Is this the attitude of a business people want to be associated with, or buy from in the future once they find out you’re the same untrustworthy outfit that didn’t take care of their data in the first place?
There’s only one right approach when it comes to cybersecurity
It’s true, there’s only one successful approach to cybersecurity and that’s to do it and get measures in place. No business is too small to escape a cybercriminal’s notice and there’s a lot you can do to protect yours.
Our blog post, How to protect against ransomware is a good place to start, with the basic measures you need to put in place to protect your organisation, explained along with the risks of not doing so.
Alternatively, you could skip straight to IT support with the experts and let us take care of it all for you, along with all the cybersecurity measures you would expect from IT techies experienced in keeping businesses safe, operational and secure.
< Read more articles on our IT Academy
Buying a laptop for work? Read this first!
It’s crucial you get the right specification laptop for your work and business, or you run the risk of failing in online security and GDPR and facing costly upgrades.
Make password management a first line of defence
If you do nothing else when it comes to cybersecurity use a secure password manager as an effective first line defence. It takes only one stolen credential.