Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

New NIST Guidance: How Does It Help Against Cybercriminals?

There are several cybersecurity measures your organization can take to prevent a ransomware attack or to recover from one.

Continue Reading

CAPTCHA Turns To GOTCHA: How Online Criminals Are Upping Their Phishing Game To Incorporate Fake Security Credentials

Read about a scheme increasingly used to deceive users, and keep your employees informed.

Continue Reading

Limited Access Is The Centerpiece Of All Data Security Strategies

Employers must revoke account access when employees leave. Read about how continued access creates exposure.

Continue Reading

Are Small Businesses Bigger Targets For Cyberattacks?

Data suggests that small-and-medium-sized businesses (SMBs) are highly vulnerable to cyberattacks.

According to a USTelecom 2021 cybersecurity survey, 45 percent of SMBs that own, operate, or support U.S. critical infrastructure experienced a cyber breach during the previous year. The report also states that, on average, it took victimized SMBs seven months and cost them $170,000 to fully recover.

Another recent survey conducted by Malwarebytes found that 32 percent of SMBs that have been in business for more than 10 years believe they will not be the target of a cyberattack, and newer SMBs are even less likely to think they will be attacked.

The Target data breach resulted from hackers compromising the gateway server of one of their third-party vendors, an SMB. In 2019, a small medical practice in California shut down because it could not afford to rebuild its patient medical records following a ransomware attack.

The rise in remote work during the COVID-19 pandemic has caused 86 percent of SMBs to increase their cloud usage. Unfortunately, hasty adoption, poor security hygiene, and misconfiguration create cybersecurity vulnerabilities that invite hackers to attack SMBs.

It is harder than ever for SMBs to make sure only authorized individuals have access to their networks. A survey found that SMBs with fewer than 50 employees use 25 to 50 different Software as a Service (SaaS) applications and SMBs with more than 250 employees use around 100. If an employee fails to use a unique, strong password for one of these applications, hackers could use it as an entry point for a cyberattack.

Finally, SMBs face a shortage of information technology personnel and staff may have to juggle multiple responsibilities. As a result, focusing on cybersecurity can be difficult.

Fortunately, governmental organizations and think tanks such as the U.S. Federal Communications Commission, the U.K.'s National Cyber Security Centre, and the Australian Cyber Security Centre have released guidance to help SMBs improve cybersecurity. Aangeeras "3 reasons SMBs are more vulnerable to cyberattacks than large enterprises" securityboulevard.com (Sept. 2, 2021).

So, the question for our readers is: Are small businesses are bigger targets for cyberattacks?

Please take the poll. Here is the opinion of one of the McCalmon editorial staff:

Jack McCalmon, Esq.

Larger employers are investing into systems to prevent frontal attacks. Targeting smaller vendors connected to backdoor larger businesses with huge data pools is the cybercriminals' counter move.

As a result, large businesses will place more requirements on small businesses to have the necessary cybersecurity protocols in place. 

You can answer our poll. Please note any comments provided may be shared with others.

Finally, your opinion is important to us. Please complete the opinion survey: