Cybersecurity is a growing concern for all companies. With a wave of significant data breaches in 2014, from large corporations to celebrities, to film studios, companies are turning their efforts to implementing advanced methods of security measures. Terry M. Evans, president of Cybersecurity Biz, LLC., noted the trend of cybercrime and company hacks will continue, but the targets in 2015 are going to small and medium-sized businesses, as well as non-profit organizations.
Humans are the vulnerable point
Evans stated there has been a significant increase in social engineering, which is a tactic for targeting companies. Social engineering relies on low tech theft, as opposed to tech-heavy hacking methods. The process manipulates employees into voluntarily giving up their information. Evans said this is easier to accomplish in smaller businesses than in large companies, as corporations have advanced spam and security measures in place.
“Larger companies have invested in cybersecurity solutions and understand the risks,” Evans said. “Unfortunately, smaller sized operation and non-profits erroneously think they are immune, when in fact they are easy prey for cyber criminals.”
Evans recommended all small businesses train employees on social engineering awareness.
His concerns are consistent with other news reports and professional opinions. For example, 60 percent of all cybercrime is now focused on small businesses, but only 9 percent of small businesses have mobile security and 80 percent don’t use data protection or encryption methods, according to a McAfee study.
Gary Davis, Chief Consumer Security Evangelist for Intel Security spoke with USA Today about the threats pertaining to small businesses.
“Today’s cybercriminals tend to focus on the easiest targets with the weakest security resources, such small Main Street businesses,” Davis said. “They work diligently to steal precious customer and employee data and have the capacity to gain access to larger enterprises.”
Spending money without utilizing software
Those small businesses that are investing in advanced methods of cyber security may not be utilizing it correctly, according to a new survey by Trustwave. Business News Daily reported on the survey, which looked at 172 IT professionals. Of those, small businesses spent an average of $157 per employee on security software, while larger companies paid about $73 per employee. But this additional spending does not mean additional security if the small business IT team does not have the time or the manpower to keep the software up to date.
In fact, 35 percent of the survey’s respondents cited their IT staff was too busy to implement their software properly, while 33 percent blamed limited manpower on not being able to utilize the software as intended.
With small businesses being a main target of cyber criminals, it is important they take necessary precautions to not only have correct cyber security measures in place, but also make sure the employees are familiar with how to operate it and understand its importance. Having business insurance is important to protect a company in the event of a breach, but cybersecurity methods are equally necessary to prevent theft from happening at all.
