Small businesses becoming increasingly vulnerable to data breaches

Kaspersky's recent survey—IT Security Risks Survey—paints a grim picture for small businesses that are increasingly becoming vulnerable to data breaches. According to the survey report, nearly 45% of small businesses were victims of data breaches in 2019. However, despite the losses and other consequences that small businesses face, they do not have adequate countermeasures in place to prevent such incidents.

Small Scale Does Not Guarantee Security

The general belief that smaller businesses—with less than 50 employees—are less vulnerable or prone to data breaches as compared to larger organizations or enterprises is incorrect. While it is correct that data breaches faced by smaller businesses are less reported in the media, it does not reduce the impact or losses that these smaller businesses face. Often, small businesses do not have enough resources to protect themselves against such incidents. Since they are more focused on business growth, their business processes and revenues face grave risks due to downtimes. Additionally, loss of customer data due to breaches results in damage to brand reputation and in worse cases, customer churn.

The survey reveals that small companies not only suffer losses—financial and reputational—due to data breaches, but the number of businesses being targeted by such attacks is increasing with every passing year. Although the Small and Medium Businesses (64%) and enterprises (67%) constituted a larger chunk of the victims of data breaches, the number of smaller companies affected by data breaches has risen to 39% as against 33% in 2018.

The bottom-line, therefore, is that data breaches are increasingly impacting businesses of all sizes, small business are at a pronounced risk due to lack of resources and dedicated resources. Therefore, small businesses must not consider themselves immune from data breaches, instead take proactive measures to prevent such incidents. While some small businesses do use consumer products for protection (at 27%), they do not have adequate features to provide the necessary business continuity.

Practice Precautionary Measures

For its IT Security Risks Survey, Kaspersky surveyed 1138 companies with less than 50 employees in April 2019. Kaspersky advises small companies to practice basic measures to protect themselves from possible data breaches and other cyber attacks. These include:

• Provide employees with adequate training on the basics of cybersecurity so they do not open unsolicited emails or links.
• Train the staff to handle sensitive company data with care and store it only in trusted cloud services with authentication switched on.
• Avoid sharing authentication details and/or passwords with untrusted third parties.
• Use legitimate software.
• Regularly backup essential data.
• Update IT equipment and applications with the latest updates regularly.
• Use cybersecurity solutions specific to the unique needs of their small businesses that provide adequate protection against malware, ransomware, and other online fraud and scams.

The article has been written by Neetu Katyal, Content and Marketing Consultant

She can be reached on LinkedIn