While immense cybersecurity breaches at giant firms like Equifax and Yahoo! obviously grab headlines, millions of small businesses are on the frontlines in the battle against hackers. A stunning report this year from security researcher Sitelock revealed the average small business website was attacked 44 times per day. In addition, 18.5 million of these websites are already infected with malicious software of some type.
In response to requests American small business owners, the Federal Trade Commission launched a new campaign this fall that provides an education on how small business owners can best protect themselves and their customers online.
“This new national cybersecurity education campaign grew out of discussions we had last year with small business owners across the country about cybersecurity challenges,” Rosario Méndez, an attorney with the FTC said in an announcement. “We took note, and developed clear and easy-to-use resources that businesses like yours can use to learn about cybersecurity and help train your employees.”
The FTC even explains how lapses in physical security can lead to hackings – it provides advice on how to protect sensitive data stored on flash drives and how to best shred documents.
Even the busiest small business owner should read over the FTC’s basic outline of small business cybersecurity. The guide touches on how to create strong passwords, secure wireless routers and implement multi-factor authentication for your business’ devices. The commission also discusses how to train employees in cybersecurity essentials.
“Create a culture of security by implementing a regular schedule of employee training,” the guide advises. “Update employees as you find out about new risks and vulnerabilities. If employees don’t attend, consider blocking their access to the network.”
The costs associated with cybercrime appear to increasing exponentially – the costs increased fourfold between 2013 and 2015, and experts believe the global cost of data breaches to quadruple again between 2015 and 2019. This means companies, governments and consumers the world over will pay some $2 trillion next year due to hackings.
Even though 58% of malware attack victims are small businesses, the majority of small business owners have lulled themselves into a false sense of security. A poll this year found 51% of small business owners don’t believe their businesses are a target for cybercrime. In fact, an astounding 76% haven’t adopted multi-factor authentication.
Between legal counsel and damage to reputation, one cyber attack often costs a small business about $130,000, according to cybersecurity firm Switchfast. Even more alarming, small businesses can act as a gateway for hackers.
“One of the real dangers is that small businesses can be a launching pad for much larger attacks on government sites and the large commercial giants,” Switchfast chief technology officer Nik Vargas said.
Echoing the FTC’s sentiment, Switchfast found that employee negligence was the number one cause of cyberattacks at American small businesses.