Small businesses reported faster growth in the rate of cyber attacks than their large, more visible competitors according to an Information Security Breaches survey by the UK's Department for Business, Innovation & Skills’ (BIS).
There was a 22% increase in the number of small businesses reporting a cyber attack, moving from 41% to 63% in the past year. In the same survey, 78% of large businesses reported some sort of cyber attack, up just 5% from the previous year. At this rate of increase, there will soon be no difference in the level of cyber attacks suffered by smaller businesses and their larger, more visible competitors.
The survey was cited in EN, a UK entrepreneurs magazine. The EN feature article looked at why small businesses are being increasingly targeted by cyber criminals and how they could best defend themselves. The lead expert quoted in the article was Urban Schrott, IT security & cybercrime analyst at Safetica.
“The mistake many SMEs make when it comes to cyber security is underestimating their own value," said Urban. "There is a common misconception of ‘why would someone want to attack my small business when there are so many bigger ones out there’.”
The BIS survey should be seen as a call to arms by small companies. “It says that a lot of SMEs don’t take IT security as seriously as they should, despite the fact that many are being targeted simply because their infrastructures will not be as secure as their larger counterparts, he added.
The Australian Defense Directorate mantra of Catch, Patch, and Match is mentioned in the article as a simple guideline for company security: Catch potential security risks at the perimeter, patch vulnerabilities, and matching employee access to their actual needs.
In addition to applying the correct technology, Urban says you should never underestimate the power of knowledge. "Probably the majority of IT security trouble could be simply avoided, just by anticipating that they could happen and putting simple preventive measures in place."