The year 2020 will not only be remembered for a global health pandemic, but also a for a global cyber pandemic. Cybercrime skyrocketed over the last year as attackers took advantage of vulnerabilities that emerged as businesses transitioned to remote workforces, embraced e-commerce, and became more digitally focused than ever before.
In fact, 2020 was the worst year on record for data breaches. Since the pandemic started, the FBI reports that complaints about cyberattacks have grown by a staggering 400%. And ransomware attacks in particular – where hackers steal a company’s valuable data and hold it for ransom – are up by 800%.
Another factor contributing to the problem is that many businesses assume that only large enterprises or financial companies are targeted, so they don’t take the necessary steps to protect themselves. According to Keeper Security’s SMB Cyberthreat Study, 66% of senior decision-makers at small to mid-sized businesses (SMBs) mistakenly believe they’re unlikely to be targeted by online criminals. In fact, SMBs are especially attractive to cybercriminals because they are often easier to hack.
According to Accenture, 43% of all cyberattacks are aimed at SMBs, and only 14% of those businesses have defensive cybersecurity measures in place. Any business that has a digital footprint, accepts online payments, or keeps a database of customer information is at risk.
Cyberattacks can prove disastrous for any business, regardless of size. Companies that are victimized may lose money in trying to restore their data, their reputation, and may even face legal action from their customers.
Some never recover. According to the National Cyber Security Alliance, 60% of SMBs that are hacked go out of business within six months.
Even the US government has been victim to a recent massive cyberattack, as Russian hackers programmed a backdoor into the popular SolarWinds software to gain access to sensitive government information.
So, how can businesses protect themselves from cybercrime?
The first thing you should do is review your current business insurance policy. Many companies assume that their standard business liability insurance coverage will protect them in the event of a cyberattack, but this is usually not the case.
Find a business insurance partner that can help assess your risks, and put together a cyber insurance policy that will cover your business in a variety of cybercrime scenarios.
This is the most important step you can take, but you should also consider implementing internal measures to prevent cyberattacks, such as:
- List all digital assets that could be vulnerable to attack and what risks they may face
- Put policies in place to protect access to sensitive information, define what and how information can be safely shared, and secure devices
- Utilize protective technology – such as a secure VPN that encrypts business data
- Enforce a strong password policy for employees
- Train staff how to identify and avoid cyberthreats such as phishing, malware, ransomware and more