Over the past several weeks we have been hearing a lot about the increasing risk of cyber-attacks and data breaches on small businesses. Many experts even say small businesses may be the most vulnerable to cybercrime. Jeff Bardin, CEO of Treadstone, 71, was a keynote speaker for NH Business Review and NH High Tech Council’s Executive Series Forum on Cybersecurity on Tuesday. As an expert in cybersecurity, Bardin explained that small businesses often do not believe they have a need for cybersecurity and cyber insurance because their data is not valuable compared to their larger counterparts. However, it is this belief that attracts cybercriminals in the first place. In fact, while 50 percent of small businesses think they are too small to gain the attention of cybercriminals, 40 percent of cyberattacks are aimed at companies with 500 employees or less.
An organization can fall victim to a cyber-attack for a number of reasons but the overwhelming majority are caused by some sort of human error. Candy Alexander, panel moderator at Tuesday’s forum, explained that two common problems are at the root of almost all breaches: when a system or network has not been properly patched or when employees’ credentials are stolen or hacked, often from phishing scams. In order to effectively combat cybercriminals, more needs to be done in the boardroom and across the C-suite. Not only can upper management allocate more funding towards cybersecurity, but it is also pivotal to train employees on best practices, including regularly updating patches and knowing how to spot suspicious emails. If those in charge fail to emphasize cybersecurity as a top area of concern, how can an organization’s employees be expected to do the same? With cybercrime only expected to increase in both frequency and sophistication, companies can either stay ahead of the game by putting in the time and resources now or, increase cybersecurity practices in response to a data breach or cyber-attack.