Don't Put Your Profits at Risk by Ignoring This Crucial Protection for Your Business
Money talks. And it's telling small-business owners they risk losing it if they don't protect themselves against looming cyber threats.
A recent report published by the Better Business Bureau (BBB) states half of small businesses couldn't stay profitable more than 30 days if they lost critical data.
The BBB reports out of the 1,100 businesses they surveyed in North America, less than half provide cybersecurity education to their employees. That's troubling considering how many cyber attacks occur due to an unsuspecting employee clicking on a hyperlink in a fake email. Ninety-one percent of hacks on businesses start with a spear phishing email scam, according to KnowBe4, a company specializing in security awareness training for employees.
Despite the prevalence of anti-malware software, firewalls and other cyber products installed at most small businesses, employees remain the weak spot and most likely point-of-entry for hackers.
The BBB says employee education is the most cost-effective cybersecurity prevention tool. KnowBe4's training, for example, costs only $16 to $28.50 per user, per year, depending on the option. If the low cost to train employees on security isn't enough to convince companies to do so, then perhaps contemplating the costs of not training their people will be.
When an unaware employee clicks in a spear phishing email, it often injects a ransomware infection onto a computer or mobile device. Ransomware restricts access to files, often threatening permanent data destruction unless a ransom is paid.
When a company pays a ransom, there's no assurance it'll reclaim its data. Plus, paying a ransom invites more attacks.
Ransomware damages are predicted to cost the world $5 billion in 2017, and climb to $11.5 billion in 2019, according to my firm, Cybersecurity Ventures. In 2015, the costs were a mere $325 million.
With more than 50 percent of all cyber attacks committed against small businesses, the ransomware costs -- and resulting losses -- are mounting on defenseless entrepreneurs.
Small businesses are notorious for poor data backup practices.
The No More Ransom Project offers ransomware self-help to small-business owners globally. It's an initiative led by the National High Tech Crime Unit of the Netherlands' police and Europol's European Cybercrime Centre to help victims of ransomware retrieve their encrypted data without having to pay the criminals.
The Project's free prevention advice puts data backup at the top of its list. The best way to thwart a ransom demand is to have all data backed up. Then there's nothing to pay a ransom for.
Also on the list, beware of suspicious emails -- which reinforces the BBB's recommendation to train employees on how to spot them.
To sum up, an ounce of cyber prevention is worth a pound of cure. Small businesses don't have to lose money to cyber attacks.