Cybercrime is on the rise. Unfortunately, most business technology to defend against these crimes is not evolving quickly enough to turn the tides in the favor of today’s small businesses – at least not according to the study US Cybercrime: Rising Risks, Reduced Readiness.
“One thing is very clear: The cybersecurity programs of US organizations do not rival the persistence, tactical skills, and technological prowess of their potential cyber adversaries.”
More than three-quarters of executives cited in the survey of more than 500 US executives reported security events within the past year with more than a third reporting increased numbers of incidents within the past year according to the study.
One of the big problems in determining just how far reaching the damage of these attacks are, though is the difficulty in determining their costs. Most organizations where costs were evaluated reported costs in excess of $415,000. The average small business owner, cannot absorb these costs easily.
Larger organizations recognize that the greatest risks come from within the organization. Smaller businesses, such as yours, often discover outsiders pose greater threats. Part of the reason is that larger organizations have the funds to afford large IT departments where smaller organizations do not have the staff or budget to devote to eliminating cyber-attacks from outside the business.
One thing worth noting is that businesses that were hit with massive cyber-attacks in the past generally exercise more caution than those who have not. Once you’ve been victimized by these attacks you’re not interested in repeating the experience.
Taking Matters into Your Own Hands
To some degree, you can control, and even deter the incidents of cybercrime against your business. The study revealed that educating and training employees to not only deter, but also respond to cyber-crime events is highly effective. Unfortunately very few businesses engage in this type of training and education.
More importantly, most companies do not even address the threats (internal and external threats alike) to a sufficient degree that would cause employees to recognize the threats as problematic.
Most companies also fail to address the security risks mobile devices represent or make policies regarding their use on business networks.
Finally, hold third parties and supply chain partners to the same standards of cybersecurity you have for your own networks, if not higher standards. In fact, compliance terms should be mandated in the contracts you create with vendors and third parties.
With so much increased activities by cyber criminals, small businesses can no longer afford to operate without the protection cyber liability insurance provides. It is one of the most essential business insurance products in which businesses that operate in today’s high-tech society can, and must, invest.