Small Businesses in Big Trouble According to Verizon's 2017 Data Breach Report
"No one thinks it’s going to be them. Until it is." - Verizon 2017 Data Breach Investigations Report
Verizon's 2017 Data Breach Investigations Report highlights the growing trend of cyber-attacks on small businesses. In this year's report 61% of attacks were on businesses with less than 1,000 employees. Many businesses think that they aren't target for breaches because they aren't as big as other companies. They couldn't be anymore wrong.
Cyber-criminals are opportunistic and will attack a business of any size if they feel there is profit to be made. Verizon informs that "cyber-criminals are using all the information they can get hold of to up their game. So should you." Small businesses try to the best of their abilities to keep up with security protocols, but with regulations changing so often many are struggling.
There is a false sense of security as many believe that data breaches are "something that happens to someone else". Blue prints, medical records and payment card details are enticing for criminals and with small businesses having little to no defense against them they become prime targets.
Small businesses must be on high alert as they are the ones that are critically impacted and struggle to remain afloat after an attack. 61% of data breach victims are businesses with under 1,000 employees.
Courtesy of Verizon
This year’s DBIR found 1 in 14 users were tricked into following a link or opening an attachment — and a quarter of those went on to be duped more than once. of phishing attacks that led to a breach were followed by some sort of software installation.
Verizon has identified the most common attack patterns that hackers use and the industry most likely to be hit by them
Top Attack Patterns
*Everything Else - Any incident that did not classify as one of the nine patterns.
Many of the breaches that have occurred were avoidable. If organizations had taken the time and effort to educate and implement basic security measures the outcome for them would have been completely different.
Below are seven tips that Verizon stresses as common mistakes that business should never overlook.
Quick Takeaways
Be vigilant
Log files and change management systems can give you early warning of a breach
Make people your first line of defense
Train staff to spot the warning signs.
Only keep data on a "need to know" basis
Only staff that need access to systems to do their jobs should have it.
Patch promptly
This could guard against many attacks.
Encrypt sensitive data
Make your data next to useless if it is stolen.
Use two-factor authentication
This can limit the damage that can be done with lost or stolen credentials.
Don't forget physical security
Not all data theft happens online.
Businesses must prepare themselves and ensure that all cyber-security protocols are in place and enforced.
Tritium Information Security provides enterprise level assessments at affordable prices. We customize solutions that fits your business’s needs. We not only help remediate system flaws, but also test that the implemented updates in your security policy improve the protocols in place.
Take our FREE online security assessment today.
Discover where you stand on the front lines of cyber security.