Study: Cyberattack Concerns Run High Among Small Businesses
In a digital world where businesses rely heavily on stable and secure electronic systems, there's a notable fear of cyberattacks among small-business owners, a recent association study finds.
Hackers and digital attackers are on the prowl, increasingly clawing their way into businesses’ IT systems—that’s the fear held by more than nine out of 10 respondents in the recent 2013 Small Business Technology Survey.
More details, below:
Some 94 percent of the 800 small-business owners surveyed expressed concern about a cyberattack and 44 percent reported having fallen victim to a digital break-in a recent National Small Business Association (NSBA) study [PDF].
Corporate security solutions provider Symantec says cyberattacks are increasingly targeting small businesses, which it defines as those with fewer than 250 employees. Especially in the manufacturing and knowledge sectors, cybercriminals target smaller firms to use their intellectual property or take advantage of subcontractor access to prized data that the hackers seek from bigger companies, according to Symantec.
Along with security, small-business owners in the survey listed the cost of upgrades and the amount of time to fix a problem as chief among their information technology concerns. But the results show short-term cost concerns associated with prevention might well be trumped by long-term repercussions of a digital break-in: A single attack cost small-business owners an average $8,699.48. And the average loss from having a business bank account hacked? That was $6,927.50, the survey found.
Protect to prevent
Not surprisingly, cloud computing and the use of smartphones and tablets have increased substantially among small businesses since 2010, according to the survey. Now, 74 percent of small-business owners said they use a smartphone, compared with only 57 percent three years ago. And technological developments and increased access now enable many business owners to let employees telecommute. Sixty percent do, up from 44 percent in 2010.
With digital information increasingly flowing outside the physical office space, cyberattackers have more access points, and taking precautionary measures is crucial. The Federal Communications Commission lays out guidelines to prevent a cyberattack. (Website access will resume when the federal government reopens, but for now, a cached version is available here.) The FCC stresses that organizations must properly train employees in basic security practices. Among the agency’s suggestions:
- Use strong passwords. They should also be embedded with expiration dates.
- Install firewall security and secure internet connections. This should apply for any work-related processes.
- Limit who can install software and access applications. Give each employee his or her own account.
- Create a mobile device action plan. Set a procedure for how to report lost or stolen equipment.
- Keep backup copies of all important data. If a cyberattacker manages to get into your system, you’ll want to ensure nothing gets wiped out.
While a combined 73 percent of business owners in the NSBA study said they have a high or moderate level of comprehension of cybersecurity issues, 25 percent reported having a low grasp of them, and 2 percent said they don’t understand the issues at all. Thirty-nine percent of those surveyed said they handle online security personally, as opposed to having staff (33 percent) or an external consultant (21 percent) do it.
“The sophistication of attacks, coupled with today’s IT complexities … require organizations to remain productive and use ‘defense in depth’ security measures to stay ahead of attacks,” Symantec CTO Stephen Trilling said in a statement that accompanied release of the latest edition of the company’s Internet Security Threat Report.
The ultimate message: Protect today to prevent tomorrow. It’s the best step to take to ensure the digital security of your organization.