Why are small businesses a target for hackers?

With reports that cybercrime is on the rise and attacks mounting, it begs the question, am I safe?

And who exactly is at risk of being hacked? Essentially, any business, individual, organisation or company that holds any kind of sensitive data – personal details, payment card information and identification numbers on file is a potential risk.

On top of this, intellectual property, which is creative work but treated as a personal asset is also majorly sought after in the cybercrime realm. The type of attack depends on the nature of the search and exactly what the hack is trying to uncover.

Whilst it would seem that the biggest businesses with the greatest revenues and therefore the most customers would be the obvious choice, it’s also likely that they possess the resources required to install security measures and train staff, providing the business with awareness in what to spot when an attack is on the cards.

In turn, whilst this might leave smaller businesses in the limelight it depends on what they have to offer in terms of abundance of data, personal payment information and intellectual property, and if it is actually worth the risk.

According to research carried out by Symantec, hackers are singling out companies who are less aware of security measures or don’t have the resources to implement them.

Ross Walker of Symantec said: "Hackers are increasingly targeting smaller, softer, less reactive targets since these provide a lower-risk alternative to financial institutions."

E-commerce sites are another given, with payment details and personal information processed simultaneously, a lack in security measures could leave the door wide open to having your data cloned, stolen, duplicated or exposed, leaving you in an unsavoury position with your clientele.

Whatever your sector, you must be aware. Whilst employing simplistic measures such as anti-virus software and strong, regularly changing passwords might do the trick in certain respects, it’s about identifying risks that might not even register on your conscience; Such as allowing staff members to work in areas with unsecure networks, failing to encrypt laptops and devices that leave the office and ensuring all software is patched to the highest spec, to name but a few. Often it’s just better to call in the experts, before it’s too late.

To help, here are some general questions to mull over:
  • How am I protected if a member of my staff decides to steal data, misuse information, commit fraud or just makes a mistake?
  • What stops my business being hit like the bigger firms that I see in the press getting attacked?
  • What are the most valuable things my business has (customer data, IPR, reputation etc.)?
  • If I had a security breach tomorrow what would I do? (or how would I know?)
  • Could I get all the data back if I lost a server, laptop, member of staff, filing cabinet etc?
Source: Piers Wilson, PwC information security Visit www.xyonecybersecurity.co.uk for more information on how we can solve your security issues.