11 Feb Cyber Attacks by the Numbers and How to Defend Your Small Business
Latest cyber security research, Florida water service breached and securing your systems.
The number of cyber attacks on small businesses is growing. About 28% of U.S. breaches in 2020 targeted small businesses, according to research from Verizon. In this post we will share some other statistics around data breaches and look at ways small businesses can secure their data and systems.
Cyber Attacks by the Numbers
Cyber attacks on web apps doubled in 2020 over the previous year, according to Verizon and almost 90% of breaches were financially motivated.
- 22% of attacks were phishing scams
- 27% of malware attacks were ransomware
- 43% of attacks were made on web apps
- 70% of breaches were caused by outsiders
While the number of attacks made via web apps doubled last year, it is also important to remember that the number of web apps is growing a staggering rate. These attacks are largely on new and under secured applications. The numbers don’t necessarily reflect attacks on web applications from reputable providers like Microsoft.
How to Protect Your Small Business Against Cyber Attacks
- Train Your Team – Put in place basic security practices and policies. Include internet usage guidelines and email usage guidelines. Educate your team with the latest updates on common threats.
- Protect Your Resources – Install the latest security software and keep apps up to date with the latest versions. This includes web browsers, email, web apps and operating systems. Scan software updates through your antivirus software.
- Monitor and Firewall Your Network – Protecting your network behind a firewall seems obvious at this point but it’s still important to mention. It’s also critical to monitor your systems for signs of a breach. Also, work with your remote staff to ensure their home office systems are secured.
- Create and Enforce a BYOD Security Policy – With quarantine forcing employees to work from home in record numbers, this is more important than ever. If employees use mobile devices like tablets or phones, they should also know that quickly reporting stolen or lost devices to administrators is critical to keeping your network secure.
- Backup Regularly – Automatically backing up your data at least weekly with copies stored offsite and in the cloud is critical to keeping your data safe should a breach occur, or even in the event of a natural disaster such as a fire or flood.
- Secure Your Devices and Apps with Strong Passwords – Require separate user accounts with strong passwords for all users. Consider implementing multi-factor authentication requirements and require password changes every 90 days.
- Audit your Security – Regular audits by an in-house expert or outside consultant will ensure you are staying up-to date with the latest security challenges.
Recently a municipal water plant in Florida had its data systems breached. The organization was admittedly underfunded and as a result lacked the resources to follow the above security standards. For starters, they were using outdated operating systems and sharing passwords. A hosting provider could have helped them prevent the attack with higher levels of security, reduced maintenance costs and updates included for many of their software solutions.
How A Hosting Provider Can Strengthen Your Cyber Security Efforts
In the early days of cloud computing there were a lot of fears about security and the cloud. These fears quickly dissipated as businesses began to realize that the right cloud services provider can deliver the highest levels of data security. When you carefully select a private hosting provider for your businesses systems and data, you get a solution from a provider whose core business is securing your systems. For most small businesses, this means a greater level of security than an SMB can build for itself.
For example, CyberlinkASP delivers the highest levels of security and service. When a Cyberlink customer recently opened a phishing email with an attack bot in it, our expert monitoring found and eliminated the threat immediately. Then we found the exact server, company and user where the virus entered the system and provided training to that customer to prevent similar incidents from happening in the future. When your virtual desktops, accounting software and other systems are hosted with this level of service, it’s easier than ever to achieve the seven security tips above.