July 20, 2022
Cybercrime is on the increase, with growth in US-based cyberattacks of three-hundred per cent reported by the FBI since the start of the Covid-19 pandemic. Stats show small businesses believing they are too small to be subject to a ransomware attack when in reality, forty three percent of cyberattacks are aimed at the small business sector. Furthermore, 60% of small businesses cease trading within six months of a cyber attack.
The challenge that small businesses experience is a unique one. In Ireland Micro Businesses are anything under 10 employees. In comparison to larger businesses cybersecurity costs and losses come directly from the owner’s pockets. With no dedicated IT security teams or resources,micro-business owners wear all the “hats” required to run the business from sales and marketing to IT and cybersecurity, many Micro Businesses have little to no expertise in cybersecurity. For owner-operators, their home and work computer is often the same, opening up more opportunities for cyberattacks. Micro Business owners tend to underestimate the value of the information they hold, being an essential part of the economy adequate cyber defences are essential.
Cyber Attacks can be catastrophic to businesses not only does it affect business growth, KPMG state that it can take up to 6 months for businesses to get back on track. Cybersecurity risks go beyond financial loss and business disruption, research has shown that having your cybersecurity house in order increases consumer trust providing a strong differentiator for small businesses. Cybersecurity also provides the basis for remaining GDPR compliant. Not being GDPR compliant can result in being liable to up to 20 million or 4% of worldwide turnover.
Cybersecurity alone isn’t the answer. It starts with recognising the key role people play in cybersecurity. People can be the biggest weakness to a business. One would assume that having greater awareness will change people’s behaviours, but this fails to acknowledge other pressures, pleasures and demands people may prioritise (streaming tv shows, easy to remember passwords or using the same password) There are limits to what people will do in the name of security.
Awareness must be followed up with support to combat this. Knowledge-building efforts, such as webinars are useful but become exponentially more valuable when followed up with practical workshops where tasks such as installing password managers and setting up two factor authentication are carried out. Effective cybersecurity support will make businesses aware of the threats, whilst balancing this with easy access to the tools and resources they need to build their defences. It begins with an effective risk assessment, understanding the threat and finally planning a response.
To learn more about this unique problem and what needs to be done to improve Micro Businesses cybersecurity read our white paper at https://www.cyber-pie.com/why-is-nobody-talking-about-cybersecurity-for-the-micro-business-white-paper