Though corporate giants like Target, Anthem, and Home Depot get most of the media attention for cyber attacks, small and medium-sized businesses (SMBs) are actually more likely to be attacked. Yes, you read that correctly. According to the Verizon 2013 Data Breach Investigations Report, SMBs were more often victims of cyber crime than their larger counterparts.
One reason for this is that valuable data is valuable no matter where it resides. So if a SMB has it, and most of them do, then a cyber criminal is probably going to find it far easier to crack the network of a small firm with no dedicated IT security team, than to take down the network of a big corporation with lots of IT staff and resources.
According to CSO Online, software tools enable the bad guys to easily and cheaply attack companies en masse. Cyber criminals know if they shoot in the dark enough times, they are going to eventually hit the bullseye. And since the bullets cost next to nothing and the gun shoots automatically, they shoot a lot.
To make the situation even worse, many small firms frequently have no idea they are even victims until it is too late. INSUREtrust President Steve Haase explains one possible solution: “Companies should at a bare minimum maintain network log files so they can monitor them in the event of suspicious behavior or a breach. If they don’t do this basic task, then their network could be compromised and they might not know until months after the fact. Often times, it will be law enforcement or a customer who discovered their data was stolen who alert the company.”
According to The Washington Post, many smaller businesses fail to take a proactive approach to protecting and monitoring their data, wrongly thinking that cyber security isn’t a pressing concern.