Data Breaches pose grave threat to SMBs

by

One of the most frightening and controversial statistics used in cyber security and cyber insurance advertising regards the impact a data breach has on a small business.

As the narrative goes, 60% of small businesses file for bankruptcy within six months of a breach. That number is often attributed to the National Cyber Security Alliance.

That’s a frightening number for obvious reasons but controversial because the National Cyber Security Alliance says it never stated or reported that figure.

So perhaps in response to the controversy that has embroiled the organization for the past half-dozen years over that claim (google it to see how many times it appears in the search results), the Alliance commissioned a survey of 1,006 small business owners and CEOs to get a better handle on what the actual figure might be.

The results aren’t a whole lot more encouraging.

More than one-third of small businesses responded that they filed for bankruptcy or closed their doors after a successful cyber attack. That’s 25 percent who filed for bankruptcy and 10 percent who went out of business.

That’s certainly not in the 60 percent stratosphere but it should give small business leaders enough pause to ensure that their cyber security measures meet their data handling needs.

In addition, 63 percent of small businesses in a 2019 Ponemon Institute study conducted for Keeper Security said they had suffered a data breach in the previous 12 months. Keep in mind this is just the percentage of small businesses that suffered a data breach, not the actual number that were attacked, which is 100 percent as every SMB receives phishing emails on a regular basis.

I state this often but it bears repeating often — you cannot protect your business with guesses. You must know what risks your specific business faces to make the most cost-effective decisions regarding the cyber security measures you need. The only way to do that is with a Cyber Security Risk Assessment.

If you need help with that, call Threatucation at 302-537-4198. Mention this blog post and we’ll conduct a free, no-obligation Cyber Security Risk Assessment for you.

COVID-19 Unemployment Insurance Fraud

by

Never ones to idly stand by while pain, suffering, fear and desperation abound, Cyber criminals have pounced on the opportunites created by COVID-19.

And sure enough, the FBI has reported a spike in fraudulent Unemployment Insurance claims since the onset of the C0ronavirus.

Cyber criminals have exploited the pandemic using their complete toolbox of cyber crime scams, from phishing emails to snail mail letters to phone calls to impersonated and hijacked web sites to Dark Web purchases of the personally identifiable information required to fill out the UI claim forms.

Victims whose PII has been used in UI fraud don’t know until they apply for their own UI benefits and learn that a claim has already been applied for in their name.

The effect on a small business could be an increase in its unemployment insurance tax when its employees’ PII is used to file fraudulent claims.

Employees should be made aware of this scam but also receive security awareness training to spot all forms of scams in general, such as social engineering schemes including phishing emails and fraudulent web sites that are typically used in other types of opportunistic frauds like traumatic man-made or natural events.

More information about this scam can be found on the FBI’s web site.

Market Your Security Measures

by

If you look at your security measures as a cost only, you’re doing it wrong. In an online survey of 10,000 consumers conducted by Harris Poll for IBM in 2018, 75 percent of consumers said they would not buy a product from a company, no matter how much they liked the product, if they didn’t trust the company to protect their data. And, of online retailers who experienced an increase in online sales, 58% say enhanced security features had a very significant impact on their sales in the 2017 American Express Digital Payments Survey. So, in an age when the security and privacy of PII factors into buying decisions, tout the measures you have taken to protect the sensitive data of your customers, employees, board members and suppliers. Learn more here …