Many business owners make the assumption that only larger organisations are targeted by malicious web users. However, recent research has demonstrated that smaller businesses are being targeted more frequently. One study showed small businesses targeted 18% of the time in 2011, 34% of the time during 2014, and a staggering 43% of the time during the last year.
Such a substantial rise in cyber-attacks made against small businesses strongly underlines the importance of up-to-date security. Here are just three small business cyber security statistics that should prompt you to improve your network.
Poor Risk Management
Research has indicated that only 14% of smaller businesses are confident in their ability to reduce the likelihood of cyber-attacks. This stems from the lack of disaster recovery plans, the use of older software, and the fact that managed IT security professionals were not available to provide assistance or monitor a network remotely. 51% of smaller businesses considered during one study were failing to allocate any budget to risk management, despite an overriding concern about cyber-attacks among 58% of those surveyed.
One of the biggest misconceptions concerning small business cyber security is that any attack will be easy to recover from. Unfortunately, this is just not the case. In fact, 60% of small companies are forced to go out of business within just six months of a cyber-attack. When a business network is infiltrated, all devices will need to be checked, hardware may need to be replaced, and all data may be lost. Short-term issues include IT repair costs and significant downtime. Even when you’re up and running once again, you may find that your clients or customers have lost faith in you.
Poor Staff Training
In the 21st century office, security awareness training is becoming incredibly important. It is far from unknown for the actions of a single team member to result in the corruption of an entire business network. Studies show that approximately 48% of data security breaches are caused by malicious intent, with human error and system failure accounting for all other issues.