America’s small business owners may want to consider placing a greater emphasis on cyber awareness and best practices year-round. According to a new survey by Paychex, 68 percent of small business owners are not worried about their business being hacked.
The same survey revealed 90 percent of small business owners are at least somewhat confident that their business would be able to recover from a hack, should it happen. According to the National Cyber Security Alliance, more than 70 percent of cyber attacks target small businesses, and the cost of recovery can be enough to permanently force an organization out of business.
“Small businesses are particularly vulnerable because they often possess richer data sets than average consumers, but generally lack the protections most larger businesses have in place,” said Todd Colvin, senior director of data systems and security at Paychex. “Short of implementing a broad suite of cyber security protections, small businesses would be served well by following basic computer hygiene practices – such as implementing a documented information security policy, logical access restrictions, robust logging and review, device and application patching – all year long.”
While the majority of Paychex’s survey respondents expressed a certain fearlessness about the threat of a cyber attack, many did admit they are not immune. Ten percent of those surveyed reported having been the victim of a small-scale attack and 9 percent suffered from a large-scale attack such as WannaCry.
It’s not always professional cybercriminals who are the problem. Unfortunately, employees can pose a risk, as well. Of those surveyed, 10 percent said they had discovered an employee inappropriately disclosing confidential business information online, either accidently or purposefully, and 9 percent suspected an employee of doing the same.
“Hiring the right employees who possess similar values from the start can have a positive impact on an organization’s overall security,” Colvin said. “Conducting a thorough background check is a critical component to making the right hire and is a step in the hiring process that should happen no matter what the position.”
Colvin also recommends businesses consider investing in cyber breach liability insurance, as most traditional business insurance policies do not cover the range of expenses a cyber attack may incur.