Almost a quarter of SMBs (small to medium businesses) experienced an attack or hacking attempt in 2017 and cyber crime shows no sign of slowing, a new survey reveals.
According to the Norton SMB Cyber Security Survey of more than 500 businesses nationwide, the frequency of such attacks is up from 18 percent in 2016. However, financial losses as a result actually decreased, from approximately $19,000 in 2016 to an average of $15,592 in the last 12 months.
The perceived threat of cyber crime has increased, Mark Gorrie from Norton says.
“For many New Zealand SMBs, resilience is critical. Cyber attacks have the potential to significantly affect how a business operates and how it is perceived by customers, particularly in the event of lengthy downtime. If a business can’t recover quickly from the operational and financial damages an attack can cause, cyber attacks have the power to cripple SMBs, regardless of industry.”
As a growing number of SMBs become more aware of the risks of exposing data, many have started taking proactive steps to protect themselves and their valuable IP from being compromised. And, New Zealand’s new Privacy Bill will also aim to address the need for better data and privacy protection and regulation, he adds.
“The operational and financial impacts of cyber attacks are becoming harder for SMBs to ignore. Yet, while business owners and operators are beginning to knuckle down and get the basics right – from using passwords and continuous back up – some are still taking risks with important company data.
“With the introduction of New Zealand’s Privacy Bill, we expect more New Zealand SMBs will go from seeing cyber security as ‘nice to have’ to a critical piece in securing the future success of their business.”
Security Tips and Tricks
As attackers evolve, there are many steps businesses can take to protect themselves. As a starting point, Norton recommends the following best practices:
– Don’t wait until it’s too late to know your business: It’s tough running a small business during the best of the times, and sometimes businesses overlook things until it’s too late. Businesses shouldn’t wait until they’ve been hit by a cyber attack to think about what they should have done to secure their information. Not only is downtime costly from a financial perspective, but it could mean the complete demise of a business. SMBs need to begin understanding the risks and the security gaps within their business before it’s too late.
– Invest in security and backup: To reduce the risk of being impacted by a cyber attack, SMBs must implement comprehensive security software solutions such as Norton Small Business for all their devices. Businesses should also use backup solutions to protect important files, such as customer records and financial information, and should consider encryption to add further protection in case devices are ever lost or stolen.
– Keep up-to-date: Ensure all your company devices, operating systems, software and applications are always up to date with the latest versions and patches. It’s a common pitfall for many small businesses to delay software updates, but outdated software, operating systems and applications often have security vulnerabilities that can be exploited, leaving many small businesses open to cyber attacks.
– Get employees involved: Employees play a critical role in helping to prevent cyber attacks, and should be educated on security best practices. Since small businesses have few resources, all employees should be vigilant and be educated on how to spot phishing scams, ransomware attacks and made aware of websites they should and should not visit on their work devices. Small businesses should invest in educating employees so they become your best line of defence against cyber attacks, not your weakest link.
– Use strong passwords: Use unique passwords for all your devices and business accounts. Change your passwords every three months and never reuse your passwords. Additionally, consider encouraging staff to use Norton Identity Safe to further protect your information and keep cyber-criminals at bay. Wi-Fi networks should also be password protected to help ensure a safe working environment.
– Consider adding a cyber insurance policy. Cyber insurance policies can cover a business for financial losses resulting from cyber attacks. Only six percent of New Zealand small businesses currently hold a cyber insurance policy. Businesses with 4-20 employees were more likely to hold cyber insurance (10 percent) than smaller businesses.