Small Business, Big Target: The Growing Cyber Threat for SMBs
While nation-state and nation-state backed cyberattacks continue to dominate national and global headlines, the majority of ransomware attacks and data breach events in the past year have targeted Main Street – victimizing privately owned, small and mid-sized businesses (SMB). In a recent Cybercrime Magazine podcast, Scott Schober, cybersecurity expert and author of “Cybersecurity is Everybody’s Business”, summarized the current situation.
“There are 30 million small businesses in the US that need to stay safe from phishing attacks, malware spying, ransomware, identity theft, major (data) breaches and hackers who would compromise their security,” he said. “The cost of ransomware has skyrocketed and that’s a huge concern for small businesses — and it doesn’t look like there’s any end in sight.”
How do ransomware attacks impact small businesses?
According to numerous sources, more than half of all cyberattacks in the pandemic era were committed against small-to-midsized businesses (SMBs), and a large percentage of victimized companies go out of business within six months of the initial discovery of a data breach or hack.
While companies paid an average ransom of over $170,000 in 2021, the actual cost of ransomware recovery is much higher. Cybersecurity studies have found the total costs of remediating ransomware attacks can be close to $2 million after accounting for downtime, lost business, data loss and reputational damage.
How can small businesses prevent ransomware attacks?
Small and medium-sized businesses frequently lack the financial resources, cyber awareness and IT skill set to combat the rapidly expanding challenges of information security.
A recently-published Better Business Bureau survey found that for small businesses — which make up more than 97 percent of total businesses in North America — the primary challenges to developing a cybersecurity plan are a lack of resources and a lack of knowledge of where to start. In parallel, cyber insurance costs continue to rise, particularly for businesses where a lack of preparedness creates an unfavorable risk profile related to obtaining affordable coverage.
According to the FBI, the reported incidence of cybercrime attacks upon SMB’s has quadrupled since the onset of the COVID-19 pandemic. A recent Keeper Security survey of SMB executives found that two-thirds of SMBs reported suffering a cyberattack in the past two years; paradoxically, other recent industry surveys have reported that nearly 7 in 10 small businesses do not have a formal response plan in place, and fewer than a third are actively developing one.
While small and midsize businesses may not have the luxury of deploying the level of resources available to larger enterprises to combat ransomware attacks and other cybercrime, they do have one thing in common with their bigger counterparts: SMBs generate, manage, and store data assets that attackers seek to exploit. The mindset of “we’re too small to be a target” is a misconception that stands in stark contrast with the recent trends cited above.
Small businesses should consider a data-centric approach to protect the assets that attackers desire most – sensitive and mission-critical data that hackers seek to exfiltrate and exploit.
Myota was designed to make it easy for businesses to transform their data into its own security zone. Myota intelligently delivers Zero Trust protection that allows business to withstand ransomware and data breach attacks, while providing efficient backup and restoration capabilities – all in a single platform. Learn more about how Myota can help SMBs to fight back against today’s cyber threats at www.myota.io.