Big-business cyber attacks make big headlines. But that doesn’t mean the small guys aren’t getting hit, we’re just not hearing about them as much. The reality is, small enterprises – those who employ fewer than 500 people - are big hack targets. And the attacks aren’t decreasing:

• 2016: 55% of small businesses experienced a cyber attack1
• 2017: 61% of small businesses experienced a cyber attack;
             54% were effectively breached2
• 2018: 66% experienced a cyber attack; a whopping 58% were effectively breached3

In 2018, 81% of all data breaches happened to small and medium-sized businesses4

But why?
Bad actors often pursue the easiest and weakest prey…and often small-to-medium organizations provide just that. Some companies offer themselves up as easy targets because they don’t possess the resources for sophisticated defenses; or they intentionally forgo ample security by thinking “It can’t happen to us.” But there’s more. Let’s take a deeper look at five leading ways small enterprises entice cyber criminals:

Why Hackers Hit Small Businesses

  1. Less Defense
    We mentioned this above, but let’s expound upon it a bit. Smaller companies typically cannot afford the cyber security bells and whistles that a large corporation may hold, such as a Chief Information Security Officer (CISO), a large or more experienced IT team, sophisticated network monitoring, etc. Others still feel ‘fancy’ security is unnecessary regardless of availability, believing they’re less-likely to be attacked because they’re small…they’re meager monetary hors d’oeuvres that wouldn’t satisfy hackers’ hearty financial appetites.

    To that end, bad actors know the smaller enterprises are easier game with a higher breach potential. And a lot of successful little ‘bites’ can add up to a substantial helping.
  2. Lower Chance of Capture
    In line with less defenses, small businesses usually lack sufficient means to detect and halt an occurring attack. They’re also less likely to employ tools, such as forensic cyber analysis, to discover the source of a breach or to provide evidence. That, along with fewer resources to pursue prosecution, leave dark actors feeling confident they will not face apprehension, charges, or incarceration for their crimes.
  3. They Pay the Ransom
    Though perhaps not as rampant as it was in 2017, ransomware still draws cash flow for cyber criminals. And they know small organizations will pay. The little guys rarely possess the capabilities to recover their hijacked data successfully or in time to avoid damaging downtime. They often choose to pay up rather than shut down.
  4. Valuable Data
    Many small enterprises insufficiently store identity and other attractive data that hackers can use for fraud and identity theft.
  5. They are Gateways

Small companies are connected with other large and small companies for manufacturing, supplies, transport, and many other business dealings. A breach into one small business can be a gateway into many other organizations, spinning a virtual web of cyber security threats.

Average cost of cyber breach for small business = $383,365 5

Check out Part 2 of this blog, How Can You Protect Small Business Against Cyber Crime?, for valuable tips to shield your small business against cyber attacks.

Want to remain resilient and learn more ways to bolster your cyber security? Contact an Assurance certified business continuity professional today. We will be happy to help you get secure: 800-478-7645.

For more great industry info, check out our free whitepaper:

Free Whitepaper - Cyber Security: Beyond the Burden and Into Revenue

1. 5 Cybersecurity Statistics Every Small Business Should Know in 2018, Barkly, 2018
2. 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB), Ponemon Institute, 2017

3. 2018 State of Cybersecurity in Small & Medium-Sized Businesses (SMB), Ponemon Institute, 2018
4. 2019 Tech Trends for Small Businesses, MRW, 2019
5. Nearly 70 Percent of SMBs Experience Cyber Attacks, Security, 2018

Topics: Technology| Cyber Security

Angie Longacre

Written by Angie Longacre

As a writer for Assurance Software, Angie devotes her craft to promoting business continuity and disaster recovery awareness, and trumpeting Assurance Software’s invaluable benefits for both. When she’s not commanding the keyboard, you can find her outside for a run, searching for her next antique treasure, or lost in a good book.

Recent Posts

Most Popular