As a small business owner, you may assume cybersecurity isn’t a risk for your business. You’re just a minnow in a lake full of large-mouthed bass. Why would any fisherman try to catch you? However, you'd be mistaken, and in NextPoint IT’s experience, there are three critical questions most small business owners ask about the importance of security for their business’s IT but often assume the wrong answers:
Why would hackers target small businesses? Don’t large enterprises have far more valuable assets?
Yes, large enterprises have massive treasure troves of data and are heavily targeted by cybercriminals. But they're not their sole focus.
When you think of hackers as a “business” with a “business plan,” it makes the answer a bit easier to understand. Cybercriminals are strategically running attacks, the same way you strategically run your sales funnel. They run a “sales campaign” with a list of leads of businesses who may have security flaws. These leads become prospects if the attack successfully infiltrates the business's network. These prospects then become customers if the hackers can obtain something of value within that network.
With that analogy in mind, it becomes clearer why small businesses are targets. Hackers know that many small businesses either have no or minimal security to protect against attacks especially without a dedicated IT resource compared to large enterprises with whole teams of cybersecurity experts. If cybercriminals target 100 small businesses knowing they have a 40-50% conversion rate, that's 40-50 small businesses with data they can now exploit and sell. It’s no wonder small businesses are 43% of all cybersecurity attacks.
And small businesses are often the key for hackers to work their way into larger enterprises who work with these businesses…the same way a sales strategy sometimes tries to work up a vendor chain to become a customer of a large enterprise.
Do I even have anything of value to steal?
Every business has at least two critical items of value to hackers, employee data and critical business files. If hackers can get sensitive data about your employees, they can sell it on the dark web to make a quick buck. Sure, they may not make a ton, but with a 40-50% conversion rate, they’re focusing on volume of sales.
Cybercriminals can also use ransomware to lock critical business files and blackmail you into paying for their release. How many electronic files do you have right now that you need to run your business? Would you pay someone to get these files back at a reasonable cost if they were stolen?
And if your small business stores any customer data, that’s another valuable resource that hackers can sell.
What should I do about my security?
NextPoint IT would recommend the following actions to help protect you against security attacks:
NextPoint IT would also love to come and conduct a free IT assessment and consultation for any small business in the Fishers, Carmel, Westfield, or Indianapolis, Indiana area to provide you with some individualized feedback on your current security concerns. We offer antivirus, firewall, patching and updating, and security policy services, and we have cybersecurity partners in the event your business needs demand a more specialized approach. Just comment below and we'll be in touch!
Cyber Security Statistics
24 Cybersecurity Statistics That Matter In 2019
SCORE Webinar: Internet Security Challenges for Small Businesses
SCORE Webinar: Small Business Cyber Security Preparedness 101
FCC’s Cybersecurity for Small Business
Cybersecurity: A Small Business Guide
SBA’s Top Ten Cybersecurity Tips
Credit: Tim Ludden