Small businesses particularly are vulnerable against computer hacks as they don’t have the IT resources or funds to protect themselves the way larger companies can. I read a great article on CNBC’s website this week on Cyberattacks, and the impact on small businesses. It immediately took me back to the late 90’s when high-speed internet was really marketed to consumers. In my area, the marketing campaign was for a product called RoadRunner by Time Warner Cable. TWC plastered the roadrunner character from the Bugs Bunny cartoon everywhere to show consumers how fast their internet could be.
Having studied IT in college, and began my career as a software programmer, I was immediately suspect of the cable internet service due to the lack of security. The main issue was that it was shared bandwidth, and the IP address was not a static IP address. To understand this, think of the static IP address as your physical mailing address where you can be located, and this IP address can be locked down and somewhat control the activity at this location. A dynamic “changing” IP (DHCP), used in cable internet service at the time, didn’t identify a single address as it continually changed and was much more susceptible to hacking and cyberattacks.
The article stated that, according to Accenture, 43% of cyberattacks are focused on small business because only 14% of the small business have the ability to protect themselves. It is estimated the average cost to a small business of these cyberattacks is north of $200,000, and more than 50% experienced an attack in the last year.
The most concerning stat in the article was that the average time that it takes for the infected companies to identify these attacks exceeds 100 days. Think about the damage that is being done to your company in that time. Not just monetarily, but the brand’s reputation and trust is being tarnished as well. Even with all the technology available, human error is still the primary cause of cyberattacks as the company policies don’t address employee behaviors when it comes to accessing files and how to restrict outside access to the company’s digital network.
If you would like help implementing IT policies and training employees how to protect company data, please reach out to me.