Cyberthreats Are Ever-Present, Always Tough to Fight
Cybersecurity and computer woes are still among the biggest worries of small-business owners, and also among their companies' greatest vulnerabilities.
A global survey sponsored by hardware maker Dell and computer protection software provider McAfee said nearly half its respondents had experienced a cyberattack on their businesses, and nearly one in five had suffered multiple attacks. Two-thirds of victims were attacked in the last two years, and many hacks were done using AI.
The culprit for most attacks, as usual, was malware slipped into an IT system through a phishing link or malicious attachment, the survey noted. The 44 percent of small-business leaders who said they had experienced a cyberattack said the toll was both financial and reputational.
The hit to the company's bottom line was substantial: 61 percent of victimized businesses lost $10,000 or more. Fully 60 percent of owners and senior tech leaders said cyberattacks on their business took a "physical or mental toll on them and/or their staff or colleagues." At least 58 percent of victimized businesses spent more than a week sorting out the aftermath of an attack.
Breaking down the toll of cybercrime further, 38 percent of respondents said they lost customer data, 34 percent lost passwords, and 34 percent lost other files.
Do not click.
The urge to open things in emails is so ingrained it's not a shock that 43 percent of successful malware penetrations occurred because someone clicked on a link or opened an attachment, unleashing everything from crippling computer viruses to ransomware that paralyzed business operations.
"Unfortunately, small business owners are at a significant disadvantage when faced with malicious messages that are increasingly realistic and frequent thanks to artificial intelligence (AI)," McAfee said in a prepared statement. "AI is a scammer's favorite tool, helping cybercriminals increase the scale, speed and sophistication of phishing and text message scams."
The IT powerhouses recommended a fight fire with fire approach, noting that "small business owners need AI to beat AI. This cutting-edge technology can work in their favor to proactively protect them in real-time before they even know they have been targeted." Advance scans of links that crop up in emails, text messages, social media, or web browsers can reduce cyberthreats dramatically.
Ready? Or not.
Most respondents understood the need to be prepared against cyberattacks, but only half of them said they were confident about their business's ability to respond to them. Only 48 percent of owners and IT decision-makers said they were ready, even though 24 percent of them said they worry about cyber threats every day.
Since 76 percent of these folks said they handle their IT issues in-house, and 45 percent said they spend more than seven hours a week dealing with general IT issues, countering these efforts will take more than the vast array of off-the-shelf cybersecurity programs can accomplish.
John A. Smith, founder and CSO of Chattanooga, Tennessee-based consulting firm Conversant Group and an Inc.com columnist, advocates keeping IT systems as closed as possible and ensuring that employees remain aware of the constant threats.
"While you can't train the problem away, end user security awareness training is one important line of defense," he wrote in a recent article. "But it can't be the only one. IT teams must focus on building a solid, defensive strategy that provides orchestrated layers of protection across people, process, policy, and product. The strategy should remove the ability for users to click the wrong link or open the wrong attachment in the first place."
That's a start, but cybersecurity figures to be a battle for small businesses for years to come.
We've got you covered. Learn about Old National's commitment to security.