We’re back from a well-earned break and we’re continuing a theme we’ve been on for a few months now. It’s a topic that’s at the forefront of our thoughts and regardless of the business you’re in, it should be one that’s at the forefront of yours.
‘What do they want with us?’
‘We’re not worried, it’s never going to happen to us.’
‘They only want the big boys, not the small companies.’
If this is your attitude to cyber-security and data breaches, here’s a wake-up call for you.
Every year, Verizon release a Data Breach Investigation Report (DBIR) and their 2019 report released in May threw up some surprising results (surprising if you happen to be a small business that is) –
The top-line number is one we should all be acutely aware of – almost half (43%) of all data breaches happen to small to medium-sized businesses. Businesses just like yours.
Another startling statistic suggests that corporate executives are 12 times more likely to be the target of ‘security incidents’ and nine times more likely to be targeted for data than they were in the 2018 report.
The most interesting element underpinning all of this is that over half (56%) of those data breaches took months to discover and by then, the information is long gone, presumably sitting on the dark web and available to the highest bidder.
Without the right security measures and detection mechanisms in place, the effects on your business can be – and often are – catastrophic and can – and often does – cost millions of pounds to fix. By then, you’re done for.
What’s The Main Driver For Data Breaches?
Money. Pure and simple. Cyber-attackers don’t care how big or small you are, they want cash and the easiest way to get it is to target smaller businesses (like yours) who haven’t put the proper procedures, policies and plans in place to adequately protect what they have.
In addition, they can – and do – use your security weaknesses to get to bigger businesses (otherwise known as your clients).
Attacks on SMEs Aren’t Stopping…
…in fact, they’re on the increase, and thanks to a recent survey by British-based tech research company Vanson Bourne commissioned by Mimecast, the takeaway facts are indisputable:
- For organisations with between 250 and 499 email users, two-thirds (66%) witnessed an increase in impersonation fraud, 53% saw more phishing attacks with malicious links or attachments and scarily, 41% experienced an increase in internal threats and data ‘leaks.’
- Of the organisations that experienced impersonation fraud, 38% suffered actual data loss and 24% suffered direct financial losses. Just under a third (29%) had employees lose their jobs over these attacks and a fifth (21%) lost clients.
A fundamental problem with SMEs and their email security and protection systems is that when it comes to the monitoring and protection against email-borne attacks or internal email threats, 38% of companies interviewed believe (admitted) they’re simply not up to the job.
The numbers where it comes to the protection of outbound emails are similar (39%) and automated detection and removal of malicious emails that have already landed in employees’ inboxes (38%).
What Are Your Priorities?
To answer that question, you need to answer another. Are you confident you’re 100% secure?
Just under half of the respondents to the survey (42%) said that they do have a cyber resilience strategy but while the message does seem to be getting through (45% said that they are rolling out a strategy or will do in the next 12 months), there’s still plenty of work that companies need to do in order to ensure that cyber-resilience is top of the list.
A fundamental issue is that developing and employing a robust strategy isn’t fee-earning. It’s capital outlay that doesn’t generate a ROI but think of it like this: if you get hacked it will cost you way more than the cost of a strategy to protect you.
More Scary Stats…
As if we needed to reinforce the point even more, perhaps these stats will help to make our case –
- 67% of organisations report being breached at some point in the past, and 86% of US organisations plan to increase their cybersecurity spending in 2019. thalesecurity.com
- More security vulnerabilities were publicly disclosed in the first quarter of this year than in any previous three-month period. darkreading.com
- 60% of organizations in the US and UK have been breached in the last two years and 31% had been breached more than once. forbes.com
Contact us today on firstname.lastname@example.org or call 020 7078 0789 and we’ll talk cloud security, how to prevent data breaches, cutting-edge IT solutions or what’s better, Pepsi or Coke. Whatever you want.