There is no doubt that this year is changing our lives on a global scale.
One aspect of these changes is in the area of cybersecurity.
The Covid-19 pandemic and associated lockdowns have increased and broadened risks for cyber attacks as we are more dependent upon digital services and spend more time online.
A quick internet search reveals ongoing reports of data breaches, ransomware attacks, and cyber crime.
Cybersecurity Trends 2020
These statistics are published in the 2020 Data Breach Investigations Report (DBIR) by Verizon:
- 67% of all breaches come from three attack types: credential theft, errors, and social attack
- 27% of malware incidents are ransomware, and the threat continues to get bigger
- 43% of breaches involved web app attacks, twice as much as last year
- 58% of breaches involved personal data, almost double from a year ago
- 17% of breaches were caused by an error, which represents a doubling of the total number of breaches from last year
It is clear that there is an upward trajectory of malicious cyber activity. Knowledge and analysis of these trends only help us implement and reinforce safe cybersecurity practices. A great resource is the DBIR which is published yearly. Download the full report here.
Cybersecurity Impacts on Small Businesses
Many businesses have transitioned employees to work remotely or provide online services/web apps to customers that they had not previously provided. We are scheduling meetings differently, attending conferences differently, and networking differently. Being in ‘the know’ about cybersecurity concerns is more important than ever.
Small businesses are an easy mark for cyber attacks as they often don’t consider themselves targets and may lack the resources that their larger counterparts have to cybersecurity services. However, they absolutely possess valuable information cybercriminals seek, including employee, customer, and financial data. Small businesses can provide access to larger networks such as supply chains. They are especially vulnerable to social engineering attacks, which rely on human interaction to gain access to confidential information.
When compared to the largest companies, the financial impact of cyberattacks is disproportionately high for small businesses, hence they have the most to lose.
Fortunately, there are many free resources, loss prevention tools and services for business owners to strengthen their cyber resilience. Here are some examples:
- Small Business Administration: Cybersecurity
- National Cybersecurity Alliance: Keep My Business Secure
- Microsoft Business Hub: Security Fundamentals
- Verizon: 2021 DBIR Webinar Series
- National Institute of Standards and Technology (NIST): Small Business Cybersecurity Corner
It cannot be overstated the importance of being aware of the risks and exposures that small businesses face in this area. Insurance companies are evolving their cyber products to meet this new demand. Proper risk assessment, employee training, and preventative hardware/software services, combined with a good insurance policy can help mitigate risk.
At Cheney Insurance we take cyber security seriously. Our agency receives regular training on cyber awareness and we use a local Managed IT Service. We also offer cyber liability insurance to our business clients. If you would like to learn more, please contact us.