Two weeks ago, unidentified hackers accessed 1.5 terabytes of data from cable channel HBO, including scripts and a full episode of the wildly popular show Game of Thrones. Last week, Distributor Star India was forced to admit the cyberattack originated from their servers, releasing a statement that said, “We take this breach very seriously and have immediately initiated forensic investigations at our and the technology partner’s end to swiftly determine the cause.”
The most interesting quote, however, came from HBO CEO Richard Plepler in the immediate wake of the cyberattack: “The problem before us is unfortunately all too familiar in the world we now find ourselves a part of.” So even if you don’t watch Game of Thrones, don’t subscribe to HBO, or don’t think your personal or business information is of the same value to hackers as that of an international hit TV series, you could still be at risk.
Most of the world’s biggest and most harmful data breaches have occurred in the last two years. In 2017 alone, everything from usernames and passwords to Social Security numbers and medical information to voting records and even source code for supposedly strong digital surveillance software has been stolen. Which means that enhanced layers of security are required to keep your critical data safe, even if you operate a small to medium-sized business (SMB).
In fact, SMBs are becoming more and more of a target for cybercriminals. According to IBM, SMBs are hit by 62% of all cyberattacks — as of late 2016 when the survey was conducted, that number came out to approximately 4,000 per day. The US National Cyber Security Alliance found that 60% of small companies were unable to stay in business for more than six months after a hack. And the Ponemon Institute estimates that the average price for a small business to clean up after a data breach ranges from $200,000 to nearly $700,000.
Here’s why SMBs are increasingly at risk of data breaches:
• Small businesses tend to have weaker security and data encryption measures.
Most of the time, significant hacks are directed at major companies that attract widespread media attention. But as IT security experts focus on ways to stop data intrusions, criminals have shifted their focus to more susceptible smaller organizations. Many companies feel they can’t afford to splurge on IT solutions, but the devastating cost of a cyberattack often far surpasses the average investment in data security.
• To a cybercriminal, every employee and workstation represents a possible point of entry.
Beyond tech measures, the biggest data security investment you can make is in your people. Employees should do more than just create stronger passwords — they should know how to identify and handle an unsafe email attachment, they should know how to assess and manually re-enter external links, and they should be empowered to think about how their online actions can affect their employer. CMIT Solutions specializes in offering such human-centric training and education.
• Malware, phishing attacks, and social engineering tactics are on the rise.
Last year, targeted malware attacks against small businesses increased by more than 10%, while some experts estimate that social media-based phishing attacks increased by more than 100%. Nearly 25% of all security breaches involve some form of social engineering, the act of using sensitive information to impersonate a user and gain access to data, often via business email compromise. The average loss due to such nefarious means? Some say it could be as high as $25,000 to $100,000.
• The safest (and cheapest) way to bounce back from a security breach is with remote backup and disaster recovery.
If data is compromised, recovering isn’t easy — and can often be impossible, especially in the case of ransomware or other decryption-based attacks. But with a trusted backup solution and disaster recovery plan like CMIT Guardian, even the worst hack or data breach doesn’t have to bring your company to its knees.
At CMIT Solutions, we understand the critical need for data security — we’ve helped businesses affected by breaches and hacks recover without suffering devastating consequences that could have been avoided with forethought and planning. Contact us today to find out how encryption, backup, disaster recovery, and proactive monitoring services can keep your company safe from such threats.