“But we’re small, nobody would bother to hack us, right?”
The Reality of the Hack: Everyone is a target!
This week I was invited to talk at the Michigan CPAs association (MICPA) to take a deep dive into cyber security risks for CPA and Accounting firms. But I thought this was a good moment to shed light on the cost of cybersecurity and give your business a solution to make sure you don’t become another statistic.
Let me warn you—these facts are startling!
The Reality of the hack is that 1 in 5 small businesses (under 250 employees) falls victim to cybercrime.
Why attack small businesses?
Because they are easy—if you don’t suspect you’re a target, you’re not taking proper measures to shore up your security. You are the easy target. Criminals aren’t the Mission Impossible types! They want easy attacks! Remember—cybercrime is a business. The fastest and largest return on their investment is EASY. That means businesses like yours!
And the evidence is growing that attacks are directed at small businesses! 71% of security breaches have targeted small businesses. Thus far, over 7 MILLION small to medium-sized businesses have been HACKED!
What does a hack really mean?
Consider being the average hacked small business:
Expect 20,765 records stolen from you—that’s personal information, secure data, proprietary information. ANYTHING you store on your network could be in the mass of data hackers get their fingers on!
$201 per stolen record—typically the cost of a stolen record amounts to $201! If you become even the average hacked business that’s over $4 Million worth of data (your reputation, client loss, class action and individual lawsuits, legal fees, compliance lawsuits, downtime, loss in productivity and data replacement—just to name a few costs here!).
Expect your business to FAIL—60% of businesses fail after a data breach.
What’s scary to me is that most businesses think they’re safe from cyberattacks! Nearly 75% of small businesses feel like an attack can’t happen to them!
And what I’m stressing is that if you took proper security measures to make sure your networks were hard to break into, criminals would pass your business up for an easier target down the street!
What types of measures should you be taking to protect Your Team? Your Clients? Your Data?
Here are some of the big things I recommended for CPAs to tackle (but all apply to businesses of any size and vertical):
- PASSWORDS—create safe passwords you can remember; here are some tips on good password hygiene. Never store your passwords in documents (Excel files, PDFs, Word Docs, Text Files). Find tips on how to store passwords in a discussion about password management.
- PATCH REGULARLY—if you have one IT guy or a break-fix solution, your patches may not be getting updated as needed. To make sure patches are updated on your operating system and all software on your networks, you need constant monitoring on your networks and DAILY patch implementation. Criminals look for easy ways to break into your networks. One of the easiest is identifying businesses slow to patch their networks. If you’re in this boat, you’re practically handing over the keys to the kingdom!
- Install and Monitor a SMART Firewall— A firewall blocks hackers and unauthorized traffic from passing through your network. But a SMART firewall monitors ALL inbound and outbound traffic for suspicious behavior. It essentially stops any attack before it threatens your system.
- Back Up Your Data— In any disaster, but especially after a breach, restoring your networks from a RECENT backed-up copy is critical. Regular backups of your data ensure your business is up and running within a couple of hours rather than a couple of weeks or even months! You never realize how valuable files are—your contacts lists, your quarter end presentation—until they’re GONE.
- Train Your Employees— Employees can be your biggest asset, but they’re also your biggest liability. In fact, 95% of all security breaches are a result of some human error! Train your employees to protect and secure passwords, connect securely to your networks, avoid being phished or socially engineered (the list is enormous!). With the right IT support in place, your people get the right training to prevent hacks in the first place.
The biggest lesson is that getting everything right is hard. Not having dedicated staff making sure everything is secure daily (if not hourly!) is a big risk and an open door to cyber threats.
If you’re at all worried about your security, please contact me TODAY for a free cyber security assessment! Every day you wait is another opportunity for a cyber hacker to take advantage of your business!