Data suggests that small-and-medium-sized businesses (SMBs) are highly vulnerable to cyberattacks.
According to a USTelecom 2021 cybersecurity survey, 45 percent of SMBs that own, operate, or support U.S. critical infrastructure experienced a cyber breach during the previous year. The report also states that, on average, it took victimized SMBs seven months and cost them $170,000 to fully recover.
Another recent survey conducted by Malwarebytes found that 32 percent of SMBs that have been in business for more than 10 years believe they will not be the target of a cyberattack, and newer SMBs are even less likely to think they will be attacked.
The Target data breach resulted from hackers compromising the gateway server of one of their third-party vendors, an SMB. In 2019, a small medical practice in California shut down because it could not afford to rebuild its patient medical records following a ransomware attack.
The rise in remote work during the COVID-19 pandemic has caused 86 percent of SMBs to increase their cloud usage. Unfortunately, hasty adoption, poor security hygiene, and misconfiguration create cybersecurity vulnerabilities that invite hackers to attack SMBs.
It is harder than ever for SMBs to make sure only authorized individuals have access to their networks. A survey found that SMBs with fewer than 50 employees use 25 to 50 different Software as a Service (SaaS) applications and SMBs with more than 250 employees use around 100. If an employee fails to use a unique, strong password for one of these applications, hackers could use it as an entry point for a cyberattack.
Finally, SMBs face a shortage of information technology personnel and staff may have to juggle multiple responsibilities. As a result, focusing on cybersecurity can be difficult.
Fortunately, governmental organizations and think tanks such as the U.S. Federal Communications Commission, the U.K.'s National Cyber Security Centre, and the Australian Cyber Security Centre have released guidance to help SMBs improve cybersecurity. Aangeeras "3 reasons SMBs are more vulnerable to cyberattacks than large enterprises" securityboulevard.com (Sept. 2, 2021).
So, the question for our readers is: Are small businesses are bigger targets for cyberattacks?
Please take the poll. Here is the opinion of one of the McCalmon editorial staff:
Jack McCalmon, Esq.
Larger employers are investing into systems to prevent frontal attacks. Targeting smaller vendors connected to backdoor larger businesses with huge data pools is the cybercriminals' counter move.
As a result, large businesses will place more requirements on small businesses to have the necessary cybersecurity protocols in place.
You can answer our poll. Please note any comments provided may be shared with others.