Businesses under siege

Businesses under siege

Laura Haight
BizSafe, security, training, technology

By Laura Haight

If every other house on your street was burglarized, would you be worried enough to better protect yours? 

Of course, you would. And yet that is exactly what is happening to small businesses today, according to the National Association of Small Business 2014 survey, released last week. In it, the NASB reports that 50 percent of businesses with fewer than 500 employees (the definition of "small") had been hacked or infected by cyber-crime last year. That's up from 44 percent the previous year. 

For an even more dire picture, take a look at the Duke University/CFO Magazine report released on June 5 that reports 80 percent of all US companies, regardless of size, had had their technology systems compromised. The most vulnerable, the report states, smaller businesses, 85 percent of which are "under siege." 

For small businesses, the numbers are going up - and not in a good way. More from the NASB report shows: 

  • Number of days to resolve an attack is up to 3-5 for 33 percent of businesses, up from 20 percent in 2013.
  • Amount the attack costs a business ballooned from $8,799 in 2013 to $20,752 in 2014. A broader measurement from the American Association of Fraud Investigators, reported last year that the average cost was $145,000.
  • Percentage of small businesses that actually had a disruption of service from the attack: 58 percent. 

What's not going up? Apparently business owners' level of concern. In a 2013 Technology Survey, the NASB reported that 59 percent of owners were "very concerned" about cybersecurity for their businesses. In the 2014 survey, that dropped to 42 percent. 

Also in the 2013 report, 79 percent of business owners reported that they had anywhere from "No understanding" to a "Moderate Understanding" of cybersecurity issues. And yet, 39 percent said that they handled their own security. Another 33 percent had a staffer do it.

John Graham, director of the Duke survey and a professor at the university's Fuqua School of Business, said in a statement. "No one appears safe. The situation may even be worse than reported because many firms might not even realize that they have been attacked."

Graham explained smaller firms are more vulnerable because they don't devote as much resources to protect their data. The survey showed that smaller firms were half as likely to take certain extra steps to block hackers, including trying to break into their own systems, hiring staff to protect data or requiring extra training of staff.

Graham is right. This isn't a problem that can be solved with hardware and software. No amount of money can protect you from authenticated users in your business who act either unconsciously or carelessly and put your business at risk. It only takes one chink in the armor to ultimately knock down or circumvent all your defenses. 

FBI cyber division chief Joseph Demarest has a blunt message: "You're going to be hacked. Have a plan."

BizSafe, a service jointly offered by Portfolio and Fraud Investigator Kelly Wessel, is the foundation of a plan. It can help by assessing your risk, auditing your processes and evaluating your staff's ability to serve as your guardians at the gate. Once you know where you are, we can help you get where you need to be.

Don't think you need this? The next business confab you go to, look around the room. Look at the business owner to your right and left of you. One of you has almost certainly been hacked. Are you sure it's not you?

More posts on security

Featured
Election Security is not a hoax
Cybersecurity, cybersecurity, security
Election Security is not a hoax
Cybersecurity, cybersecurity, security

New tech’s debut as a tool in national elections hasn’t been a big success. Here are some reasons why and what other organizations can learn from the experience.

21822233 - vector mobile app development icon

Cybersecurity, cybersecurity, security
Gov't uses location tracking to find illegal immigrants
privacy, futurist, In the news, mobile technology, security
Gov't uses location tracking to find illegal immigrants
privacy, futurist, In the news, mobile technology, security

Why should you worry if the government is tracking down illegal immigrants by using their cell phone data? Today it’s immigrants; tomorrow it could be Muslims. Someday, it could be you.

privacy, futurist, In the news, mobile technology, security
Who's in charge of your privacy?
privacy, security
Who's in charge of your privacy?
privacy, security

Who’s responsible to make sure your privacy is protected? You are. There a few small things you can do right now to take control. Happy Data Privacy Day.

privacy, security
Holiday scammers are fueled by tech
In the news, security, privacy
Holiday scammers are fueled by tech
In the news, security, privacy

Holiday scammers can take the Ho-Ho-Ho and turn it into Oh NO! These tips can help you navigate the holidays.

In the news, security, privacy
The good, the bad, and the ugly of location services
In the news, mobile technology, privacy, security
The good, the bad, and the ugly of location services
In the news, mobile technology, privacy, security

At the intersection of convenience and privacy assault is location data. And caught up in this tangled web of contradictions are individual users.

In the news, mobile technology, privacy, security
What to do when online reviewers throw eggs at your business

What to do when online reviewers throw eggs at your business
How much is that blog post photo worth?

How much is that blog post photo worth?