Remember Mad magazine’s spokesman, Alfred E. Newman and his catch phrase, “What me Worry?’ This attitude is has taken root in many organizations’ views of cybersecurity and shows little improvement. Cyber security experts estimate that only one in three small medium sized businesses (SMB) and small municipalities, with 50 or fewer employees rely on free or consumer-grade cybersecurity products. Additional research indicated that one in five companies do not use any endpoint security either. A recent voluntary reporting research project surveyed small businesses in the UK and the US, suggested that nearly 43 percent SMB owners are not prepared for a potential cyberattack or breach leaving their most sensitive financial, customer, and business data at risk.
SMB’s are prime targets for cyberattacks and data breaches, because they do not prioritize security. For several reasons including and not limited to the lack of knowledge/danger of cyber threats, costs of software or hardware defenses and the ability to pay for cyber professionals in house or as consultants. These smaller organizations are prime phishing and ransomware targets, because cybercriminals are aware the non-existence of cyber defenses. Unfortunately, many business owners and local government officials may be inclined to skip cybersecurity, in favor of using financial resources for “more important” uses. It only takes one attack to close the doors of a business or a government entity.
The research also pointed out the massive discrepancies between what SMB owners believe versus the real-world cyber threat scenarios. According to the research 60% of SMB owners feel that they will not face any kind of cybersecurity incidents, while in the actuality, nearly 19% SMBs suffered cyber incidents last year. The organizations that fell victims to cyberattacks not only experienced down time that resulted in no production or no city services were able to operate. These organizations were then required to spend tens of thousands of dollars on remediation and/or ransom payments to resolve the attack. Nearly 50% SMB owners stated that their employees did not receive any cybersecurity training. While 65% SMBs managed cybersecurity in-house, and less than 10% have a dedicated IT staff member.
It is important that SMBs understand the threats from cybercriminals. While large corporations and government entities fortify themselves with several layers of protection, small businesses often underestimate the financial and operational impacts of cyberattacks. Many small business owners believe that hackers only attack high-profile organizations when the reality is just the opposite. It is estimated that nearly 90% of breaches occur in small businesses. A bigger concern is that nearly 60% of small businesses shut down within six months of a cyberattack.
Red Sky Alliance has been has analyzing and documenting cyber threats for 8 years and maintains a resource library of malware and cyber actor reports. Please feel free to contact our analyst team for research assistance and Cyber Threat Analysis on your organization.
What can you do to better protect your organization today?
All data in transmission and at rest should be encrypted.
- Proper data back-up and off-site storage policies should be adopted and followed.
- Institute cyber threat and phishing training for all employees, with testing and updating.
- Review and update your cyber threat and information security policies and procedures. Make them a part of all emergency planning and training.
- Enroll your company/organization in RedXray for daily cyber threat notifications are directed at your domains. RedXray service is $500 a month and provides threat intelligence on nine (9) cyber threat categories including Keyloggers, with having to connect to your network.
- Purchase annual cyber insurance coverage from Red Sky Alliance provided by Cysurance.
Red Sky Alliance is in New Boston, NH USA and is a Cyber Threat Analysis and Intelligence Service organization and can help organizations anywhere in the world. For questions, comments or assistance, please contact the office directly at 888-RED-XRAY or (888)-733-9729, or email firstname.lastname@example.org