As a result of a data breach, there were over 5 billion records exposed last year [1], with many of the records coming from some of the world’s most well-known and used companies. Some of the most high-profile incidents in 2021 resulted in the highest number of breached records in history: Comcast (1.5 billion), Facebook (533 million), and LinkedIn (500 million).
However, it’s not just the big cats that should be looking at protecting their data. Read on to see why small and medium businesses are at high risk of a cyber breach.
What is the concern for businesses?
As a business owner, you may like to think that your employees practice excellent cyber security both at home and in the office. Unfortunately, more often than not, you would be wrong. Many employees use their work email to sign up for unapproved websites or sign up for free trials- like a month free of Netflix.
Many smaller companies naively think they might not be the target of these hackers. They think they are too small, and hackers only go after the ‘big fish. However, this couldn’t be further from the truth. The majority of these breaches attack small businesses with potentially devastating consequences. In 2019, 10% of small businesses breached by a cyberattack were forced to shut down as a result of a data breach. [2]
Where does the data breach information go?
Criminal networks trade these hacked accounts on what is known as the ‘deep web’ or the ‘dark web’. These web layers are encrypted and sit below the information that search engines can access. In 2019 a database of 2.7 billion records, with 774 million unique email addresses, was posted for sale [3].
The issue is that many people still use the same password for multiple accounts. Keeper found that as many as 44% reused business passwords in 2021. The others are at serious risk if just one of these accounts is exposed. This lax attitude towards passwords is the digital equivalent of leaving your key under the doormat- the hacker knows where to look and how to gain access.
Criminals exploit this for various illegal activities, one of which is the selling and trading your personal information.
What can you do to protect yourself?
Making sure that you train your employees on the risks of password breaches is essential. Security awareness training is vital to businesses of all sizes. Awareness training allows your company to protect sensitive data, secure your premises and network and maintain your business reputation.
A Verizon study in 2021 found that 85% of data breaches involve a human element. A data breach is not always intentional. 62% are down to negligence rather than malicious intent – so trusting your team to do the right thing might not be optimal. Instead, give them access to a training program that keeps their knowledge consistent and your team on guard. Training will prevent more negligent data breaches than simply doing nothing.
Small and medium-sized businesses are a particular target of cybercriminals. They are banking on lax security protocols.
Let’s not give them a chance.
Using a platform to automate the learning will save time and resources while building a cyber-aware workforce.
Next Steps
So now you know some facts about data breaches, why not look at some more of our resources? We can help you build an effective strategy no matter where your business is in your cybersecurity journey. When you’re ready, we can help you protect your business. Let us know here, call us on 03332401824 or email hello@soconnect.co.uk.
