The big-name companies that have been hacked in the past year or two may have caused many small business owners to briefly consider their own vulnerabilities to that type of effort. However, many unfortunately decide that instead of being proactive in trying to protect themselves they will instead wait to be reactive. Or worse, they might just figure this is the kind of thing which cannot happen to them.
But the fact of the matter is that a large and potentially growing number of small businesses are hit by this kind of hacking attack every year, and data breaches are only becoming more common as time goes on, according to a the latest State of Risk Report from the security firm Trustwave. One of the biggest reasons for this is that many of these smaller companies do not do enough to fully protect sensitive data, and many companies further don’t know what they’re supposed to do if they are attacked.
“Business must look at security as a business-as-usual imperative,” said Michael Aminzade, vice president of global compliance and risk services at Trustwave. “Understanding their risk level is the first step. By identifying their largest security shortfalls and rectifying them, businesses can stay ahead of the criminals and decrease their risk of getting breached.”
What do the numbers say?
For instance, 81 percent of companies say they both store and process financial data, and another 71 percent say they store intellectual property, the report said. However, more than half aren’t doing as much as they can to commit to cybersecurity; 45 percent of companies say they have high-level executives that take only a partial role in dealing with protecting such data, and another 9 percent don’t do so at all.
It is perhaps for this reason that 63 percent of companies do not have a significant means or a plan to track and control their sensitive information, and 19 percent don’t have any at all, the report said. Another 51 percent either do not encrypt that data, or do so only partially.
Going forward, owners certainly need to make sure their companies are addressing these needs comprehensively, and that often could include having a kind of small business insurance known as tech insurance. That kind of coverage will help to cover the costs associated with remediating a data breach, which can stretch into the tens of thousands of dollars or more.