Its easy to think that by reading the news that criminals only target large organisations but this is definitely not the case any more. Cyber Security definitely matters to small and medium sized businesses!
Why does this matter?
Recent research conducted by Verizon showed that around 47% of attacks were targeted at small to medium business’s, the majority of which never make national news.
To add to this, the cost of the average cyber security breach which includes a data breach is around £145,000 according to the insurer Hiscox (Link). This is regardless of the organisations size, if you are without insurance for this it can be harder to absorb and recover from along with regaining the trust of a smaller base of customers.
The even more worrying statistic comes from Inc which showed that within 6 months of a cyber attack, 60% of small business no longer operate.
As a small business, you could potentially have access to a larger organisations network which means an attacker could compromise your network then use your credentials to pivot their attack into a larger organisation as you.
Does this really happen?
This happened in 2013 when attackers compromised the network of Fazio Mechanical Services and were then able to use the credentials stored on their server to pivot the attack towards the American shopping giant Target. To date, this attack cost Target in the region of $202million.
More recently, the child’s mobile game Animal Jam was compromised, they weren’t compromised directly, instead a vendor they used had a breach and the attacker used the key stored on their server to then compromise the servers that Animal Jam use.
Its important for every organisation, no matter how big or small, to really take a look at their cyber security posture and ask themselves how much risk am I willing to accept?
Don’t think of this as attackers are not going to find you, if a customer can find you and attacker can find you. Think of it as, if that happens what can they do? what can they get from me? How much will my business lose when that happens? What will be the damage to my reputation?
If that risk is too great then there are lots of ways to mitigate the risk rather than accept it. One thing is for sure, if this happens to you, the cost of preventing this is considerably lower than the cost of recovering from this!