It is not a hidden fact that more and more businesses are facing the devastating consequences related to cybersecurity today. As the internet helps individuals connect with each other, it simultaneously creates more opportunities for hackers to take advantage of these connections. Is your business at risk? What exactly is at risk: the company reputation, assets, customer data or business data? The overarching answer is that in 2018, all businesses, and all aspects of the company are at risk.
In the past, a myriad of large companies have been hacked, leading to serious costs in mending broken customer relationships or company reputations. In 2016, some of the biggest data breaches occurred at Yahoo and Uber, harming millions of users. However, the hacking doesn’t stop here. According to the Privacy Rights Clearinghouse, there were 471,001,631 data breach records so far in 2018 alone. One of the most famous data breaches of this year was related to Facebook. The most interesting aspect of Facebook’s data breach is that it was not through any form of hacking, but instead a manipulation of the existing data systems. Thus, as networks between humans and devices become stronger, the hackers do too – which is why it is so important to pinpoint more attention towards cybersecurity and its fast-paced growth.
Large companies such as the ones mentioned above are evidently under constant attack of hackers. In April 2018, a total of 34 major tech companies, including Cisco, Microsoft and Facebook signed the Cybersecurity Tech Accord. This agreement has the companies promising to defend global customers from any type of hacks, including those from the government. This is an effective start to fighting against cyberattacks, but more has to be done.
Large companies must focus on the increasing number and intensity of cybersecurity threats, because vulnerabilities exist everywhere. This article from Forbes highlights the importance of realizing that data threats are everywhere – from privileged user accounts to the internal network of the business. According to Leonard Brody, even a coffee maker with network connection can give a hacker access to the company databases. Large companies should also consider increasing funding that goes towards cybersecurity training for employees, to decrease the possibility of accidentally being phished or hacked. Since costs would be decreased if the data breach can be contained faster, companies must also be prepared for cybersecurity attacks by having insurance or security programs. The figure below conveys the increase in amount of time taken both to detect the incident (left, MTTI) and resolve the situation (right, MTTC).
As for smaller companies, cyber attacks and data breaches are still increasing over the years. The figure below shows that cyber attacks increased by 6% and data breach by 4% between 2016 and 2017. However, only 21% of the companies “represented in this study rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective”.
Certainly, it would be more difficult for a smaller business to invest in a large information security operation. Thus, some professionals rather suggest to focus on customer data, consult a professional, and leverage service providers. It is easy for small business owners to ignore the upcoming cybersecurity dangers, because they could think they are not being directly targeted as much as the larger companies with more data might be. However, recent statistics negate this thought and further emphasize the importance of preparing and improving their cybersecurity by running risk assessments, educating employees and creating recovery plans.
The fact that 90% of small business owners are at least somewhat confident in recovering from cyberattacks is quite alarming, seeing that over 70% of cyber attacks target small businesses. The potential danger of cyber attacks targeting small businesses should be worrying for large businesses as well. When hackers gain private information of small businesses, this could further help them reach those of larger size. For example, the infamous Target hack was actually caused by hackers accessing a third party company that also had access to Target’s network. The hackers used a spear phishing attack to gain connection to Target, conclusively stealing and deleting the data.
Whether you are the owner of a small or large company, your business is always at risk of cyber attacks and cyber crime. Today, “there is a hacker attack every 39 seconds, affecting one in three Americans each year”. As the number of devices exceeds the number of people on the planet, the threats become endless. Companies must work together to decrease the damage done by hackers, because although our technology is rapidly developing, so are the related consequences.