Is Your Company At Risk Of A Cyber-attack?

November 13, 2017

Is Your Company At Risk Of A Cyber-attack?

It seems like every week we are hearing about another company falling victim to some sort of data breach.  Whether it is a cryptoware exploit or coordinated cyber-attacks, one thing is for sure, it’s happening. So, who exactly is this happening to?  If you listen to the news it might seem like only large companies are at risk? But is that the real story? Let’s explore the data and expose the companies that are really at risk of being breached.  

Target Company Breakdown 

Based on the news reports it’s easy to believe the majority of breaches occur in large companies.  Unfortunately, this is not actually the case.  Large companies are definitely breached, but they are not the most targeted. In fact a number of large data breached were actually perpetrated by first breaking into smaller vendors (think Target).  According to the 2016 Data Security Incident Response Report from BakerHostetler small and medium sized businesses make up over 50% of all of the attacks. 

With private companies accounting for over 60% of those attacks.

And while you may think Health and Finance companies are the ones being targeted, that is not really the case anymore as the attacks are spreading across many industries. 

And this is just the attacks that we know about.  As Mark C. Greisiger, President of NetDiligence states, “A good many data breaches go undetected and others are willfully unreported. Often, the data breach incident is a denial of service attack, which companies don’t report because they aren’t obligated by law to do so.” 

Timothy Francis, enterprise lead for Cyber insurance, has stated there are about 34,529 known computer security incidents per day in the U.S.  And he goes on to suggest “It’s not if a breach will occur, it’s when.” 

Why are SMB’s such a target 

Well for one, SMB’s are a target because in normal circumstances they do not have the budget to hire the resources necessary to secure their environments from sophisticated attacks.  But sophisticated attacks are rarely the problem.  In all actuality, Small Businesses make easy targets because of missing processes and procedures around security.    

Take for example the most common causes for data breaches according to Sutcliffe & Co.  

  1. Weak and stolen credentials 
  2. Back doors, application vulnerabilities  
  3. Malware (cryptolocker) 
  4. Social Engineering 
  5. Too many permissions – credential management 
  6. Insider threats 
  7. Physical attacks 
  8. Improper configuration / user error 

Over half of the most common causes can be almost completely avoided with new business processes and employee training.  Unfortunately, for a lot of SMB’s the policies and processes are not put in place, making them easy targets for data theft.   

And it’s no wonder when you consider that small business makes up:  

  • 99.7 percent of U.S. employer firms, 
  • 63 percent of net new private-sector jobs, 
  • 60 percent of American payroll, 
  • 46 percent of private-sector output, 
  • 37 percent of high-tech employment, 
  • 98 percent of firms exporting goods, and 
  • 33 percent of exporting value. 

Bottom line is that small and medium sized business are highly targeted by attacks, they just don’t get the press that the larger companies receive.  This is both good and bad.  Good, because there is less customer exposure if they are compromised, but bad because SMB’s have their guard down thinking it wont happen to them.  If this is you, it might be time to prioritize your security efforts. Waiting until it’s too late could be disastrous.  

Brent A. Yax

CEO - Brent is the master architect behind the whole of Awecomm Technologies. He rarely sleeps and is always working harder to stay on the cutting edge of how technologies and businesses can interoperate most successfully, constantly pushing for new horizons.

follow me on:

Leave a Comment: