It seems to be a regular news fixture: large, well-known companies suffer massive data breaches where personal data is obtained by hackers. The type of business and nature of the data often changes, but the stories are always connected through how instantly recognisable the businesses involved are.
So, you’d be forgiven for thinking that as a small business you’d be safe from the interest of hackers. However, the truth is very different. According to the Verizon 2019 Data Breach Investigations Report (DBIR), 43% of cyber-attacks target small businesses. In fact, attacks on small businesses make up the largest share of attacks in the report.
This suggests that small business owners are lacking in the resources and knowledge required to prevent such attacks, especially when we consider that 21% of the breaches were caused by error, while 15% were caused by misuse.
Who are the attackers?
69% of attacks were carried out by outsiders, but 34% were carried out by internal actors, meaning employees and contractors should always be carefully vetted before being given access to systems.
Organised crime groups were behind 39% of breaches, while partners were behind just 2%. The key takeaway is that the people behind these attacks largely want your company’s data for criminal reasons.
What are they doing?
The data suggests that 52% of breaches featured some method of hacking, while 33% were social attacks. Malware is still going strong, being used in 28% of attacks – 24% of which involved ransomware.
Business owners need to wise up quickly to phishing emails not just on their computers, but on their other devices too. As we become more reliant on cloud-based solutions, some data can be accessed from anywhere.
What can business owners do?
First things first, if you run a small business then you need to educate yourselves on the facts around cyber-attacks and the Verizon report is a great place to start. You should also check all protection software is up to date and working and look into any other solutions specific to your business.
Another key step is to take out Cyber Liability Insurance which can help protect you and your business in the event of a cyber-attack. Our cover includes:
- Business interruption costs – £20,000
- System and data rectification costs – £100,000
- Regulatory defence and penalties – £25,000
- Cyber extortion and ransom costs – £25,000
We also give you access to a service called ReSecure. In the event of an attack, you can call their 24-hour helpline and they can help to uncover the cause of the breach, assist in recovering lost data, and restore your systems to working order.
They can also provide specialist guidance on the effects the attack could have on your business, as well as any regulatory or legal consequences you could be facing.
While Cyber Liability Insurance can’t prevent such an attack happening, it can give you peace of mind that an attack of that kind doesn’t have to mean the end of your business. So visit our website today for a quote.