Tag Archives: small business

A Data Breach Can Cost a Small Business $2.5 Million

SMBs are attractive targets to cybercriminals because they typically have smaller cybersecurity budgets and may lack an internal security team dedicated to timely discovering and responding to cyberattacks. Critically, these organizations may also lack resources to train their employees to identify preventable breaches like phishing campaigns.

The Cisco Report

Late last year, Cisco published a special cybersecurity report (Cisco’s SMB Cybersecurity Report)(Report) focused how cyberattacks affect SMBs. The Report includes 1,816 survey respondents from 26 countries.

When surveyed, respondents listed these as the most concerning threats.

  • Targeted employee attacks (BEC and phishing)
  • Advanced persistent threats (new malware)
  • Ransomware

Continue reading A Data Breach Can Cost a Small Business $2.5 Million

UK Small Businesses Struggle with Data Storage

According to recent research by Seagate Technology, a world leader in data storage solutions, many small and medium-sized UK companies (SMBs) are having a difficult time transitioning to newer, more secure methods of data storage and management.

Seagate polled a sample of 1,006 UK SMB employees and found that 23% of SMBs still rely on USB drives for their primary company data storage, 35% use a centralized on-site server and 29% use cloud-based storage solutions.

A Significant Security Risk

Not only is storing company data in differing locations and technologies time-consuming for employees, it also represents a significant security risk. Using a central server or cloud storage allows businesses to store many different types of data in one location, on top of having other benefits such as scheduling regular backups – resulting in a safe, secure and cost-effective way to centralize company data. Continue reading UK Small Businesses Struggle with Data Storage

Operation Main Street: The FTC’s Initiative to Battle Scams Against Small Business

Small businesses drive a significant portion of the American economy by providing jobs and services nationwide. As a vital component of domestic commerce, it is essential that there are protections in place to keep these companies safe from cyber scams. That’s where the FTC steps in, fulfilling their mission to protect consumers and small business owners.

The FTC, law enforcement, state and federal partners and the Better Business Bureau (BBB) have recently coordinated to form Operation Main Street, an education effort to help alert small businesses about scams and how to avoid them.

Example Scam Activity

In addition to cyber scams like business compromise emails and other phishing attacks, according to the FTC, some scammers actually call their targets claiming to be collecting on past-due bills for a variety of services including online directory listings, search engine optimization and web design and/or hosting. The scammer warns to “pay now” or the small businesses account will be turned over to collections and red flagged. The scammer warns that refusal to pay could have a negative impact on the company’s credit. However, the reality is the targeted small business never ordered the products or services to begin with; it’s all part of the con. Continue reading Operation Main Street: The FTC’s Initiative to Battle Scams Against Small Business

FTC Website Dedicated to Help Small Businesses Against Cyber Threats

Small businesses can feel the pain of a cyber-attack more than most enterprises. With scarce resources to allocate beyond business operations, small businesses are a prime target for cyber criminals.

There’s a false statistic circulating that 60% of small businesses fail within six months of a cyber-attack. While the number may be exaggerated, small businesses do have a hard time responding appropriately.

It’s not surprising that a cyber-attack, with all the costs and time involved, can derail a small business. Luckily, the FTC has recently provided some recourse for the little guys.

FTC Website

Recognizing these struggles, the FTC launched a website dedicated to help small businesses avoid scams and protect their computers and networks from cyber-attacks.

The FTC markets their new site as, “a one-stop shop where small businesses can find information to protect themselves from scammers and hackers.”

They cite several ways small businesses are specifically targeted by cyber criminals:

  • Social engineering tactics charging the business for supplies they didn’t order
  • Soliciting donations for fake charities
  • Phishing small businesses into giving access and control to computers and networks

The resources on the FTC site include:

  • Small Business Computer Security Basics Guide
  • Information on responding to a data breach
  • Guidance on threats like ransomware and phishing

Key Takeaways

There’s been a push lately to educate small and medium sized businesses on cyber risks and threats. We’ve seen guidance trickle down from regulators (see article PCI Guide for Small and Medium-Sized Businesses), and this website from FTC provides yet another resource for businesses to leverage.

One benefit to guidance materials like these from the FTC: in the event of an incident an organization can probably gain some points with the regulators by showing their due diligence with the provided regulatory cyber tools and resources.

We also strongly encourage small businesses to take advantage of the cyber risk management resources in their cyber insurance policies. We provide policyholders with easy tools to leverage:

  • Phishing training courses
  • Sample security policies and procedures
  • Cyber security fitness check
  • Incident Response Plan templates and guidance

Reach out to cyberteam@eplaceinc.com for any help accessing these resources, or to schedule a meeting with our Virtual-CISOs to discuss any of your cyber initiatives.