We know what your thinking…
“Why would a hacker want my small to medium business or non-profit? Why would they go after me?”
Considering that you think this way, is why you’re a bigger target. Being an SMB’s or a non-profit makes you more of a target because you have an assumption that you won’t be attacked. The statistics back up all the information:
43 percent of cyber attacks target small business. 60 percent of companies go out of business within six months of a cyber attack. 48 percent of data security breaches have been done with malicious intent.[1]
As a small organization, these stats cannot be ignored.
It may be hard to understand and believe why hackers would target non-profits or SMB’s, but it does happen, and unfortunately they receive no media coverage due to how small the business is. And worse yet, most SMB’s and non-profits don’t take cyber security seriously, or not as seriously as they should.
An owner or executive might believe that their companies don’t have anything of value worth stealing, but that just makes you more of a target. What you forget is that you have something that hackers want, things that are of extreme value such as customer payment information, employee information, passwords, and important day-to-day operations.
It’s realistic to say that data is the new gold, and you wouldn’t leave your gold coins out in the open ready to steal.
If your system isn’t secure, hackers can stop your day-to-day operations, steal important client information, such as social insurance numbers and address, and encrypt your data all together. Part of the service you offer as an SMB and non-profit is making sure that your users information is protected. In fact, it should be a guarantee or else you may face legal consequences.
The Outer threat: How does the criminal underworld called the Dark Web affect you?
When data breaches occur to big corporations (recent breaches include LinkedIn, Air Canada, CIBC, BMO & more), the credentials, SIN, banking info, etc. starts to get sold all over the Dark Web.
That stolen data is then used to steal your identity, your money, and further spread the computer diseases to your friends and colleagues.
How can you stay protected from the Dark Web? Here’s a step by step process to ensure greater security:
Knowledge is Power:
Register for a free domain check to see if you or your organization’s credentials are being sold over the Dark Web.
Password Protection is key:
About 80% of people will use the same password or a derivation of the same password for multiple different services [2]. This makes it extremely easy for hackers to gain access to multiple services if they buy only one on the Dark Web. “P@ssw0rd1!” is not hard to crack – check out our password tips to become more secure.
Use multi-layered security solutions:
For example; you can set Twitter to send you a verification text every time your account is signed into.
Keep your software up to date:
Antivirus services are constantly finding new threats and updating their procedures. Make sure to update your software so you are protected from the newest and more sophisticated threats
Call in the experts:
When you deal with cyber crime, you need to know what to do; you need to be an expert. Not everyone can spend all day thinking about security, but there are experts like E-Tech who do.
The Inner Threat: Protecting your company involves looking inwards.
It’s easy to assume that any cyber attacks would be coming from outside of your organization, but here’s the hard truth:
55 percent of all cyber attacks are from the inside of the organization, 31.5 percent done by malicious employees and 23.5 percent done by company insider who accidently leave the company open to attacks.[3]
If you’re an owner or executive at your respective firm, it’s your duty to ensure that you protect your business and your team. Protection can no longer be solely focused on exterior threats, but equally with interior threats happening all the time.
An important tip to preventing internal hacks is keeping a sharp eye on authorization requirements, meaning limiting employees access to sensitive data. This can be an important first step to preventing some internal hacks.
As an SMB’s or non-profit organization cyber security is a very serious. You can never assume that your company is not a target just because your a small business.
As an organization you not only owe it to your employees but you owe it to your customers to have your business as secure as possible.