The shift of most businesses to online operations is a dream come true for cyberhackers. They still proliferate and are busier than ever. In an article on Forbes, Chuck Brooks, a global thought leader in cybersecurity and emerging tech, stated that 2020 showed a record-breaking number of cyber-attacks on individuals, companies, and governments, as well as data loss from breaches.
Data Theft for Ransom
Data loss is particularly devastating to businesses. When data is taken for ransom, an unprepared company is forced to pay up or fold up. Expert Insights mentions data from a recent report stating that every cyberattack on businesses with less than 500 employees results in an average loss of $2.5 million.
According to Information Security Buzz, the more advanced Ransomware 2.0 encrypts the stolen data so that the company cannot access it and also threatens to expose the data publicly. This means that not only is the company crippled but it will also be accountable for the loss of data privacy, with fines that can amount to millions.
This highlights importance of prior data encryption by companies so that hackers will not be able to read any data they steal. Companies also need to hire a business continuity service provider to ensure that their data is completely backed up and ready to use again within minutes.
The Need for Cybersecurity
A report by Brandessence Market Research and Consulting (BMRC) published by CE Pro states that the global cybersecurity market had an estimated value of $176.5 billion in 2020. Because of the heightened need for cybersecurity, its forecasted compound annual growth rate (CAGR) is 12.5 percent in the succeeding five years to reach a value of $403 billion by 2027.
The various kinds of cybersecurity include antivirus or anti-malware, network security, intrusion detection systems (IDS), intrusion prevention systems (IPS), identity and access management (IAM), and data loss prevention (DLP).
Why Small to Medium-Scale Businesses Are Being Targeted
The Hill reports that according to Brian Moynihan, Bank of America CEO, 95 percent of businesses in the U.S. have fewer than 100 employees and 80 percent have fewer than 10. Small to medium businesses make up the pillar of the economy, but they are vulnerable to cyberhackers.
Information Security Buzz cites data from Kaspersky showing that the information technology (IT) budget of small to medium businesses increased by only three percent from 2019 to 2020. This is measly compared to the increase in costs of paying for skilled cybersecurity professionals.
TechRepublic reports that according to the 2020 SMB IT Security Report of Untangle, among 500 small to medium businesses surveyed, 32 percent of respondents identified the greatest obstacle to cybersecurity as budget constraints. For their 2020 budget, 39 percent allocated less than $1,000 to IT security; 26 percent allocated $1,000 to $5,000; 15 percent allocated more than $10,000; 12 percent did not know the allocation; and eight percent allocated $5,000 to $10,000.
Information Security Buzz cites a report from Sharp stating that 36 percent of small to medium businesses do not employ full-time cybersecurity personnel. Results of a survey by The Manifest show that only 34 percent of these businesses conduct training on data safety and best practices in cybersecurity for their staff. Both findings jibe with the limited budget usually given to cyber concerns. Budget constraints also often have an impact on improper or inadequate backups for business data.
Data from the 2020 SMB IT Security Report shows that 24 percent of respondents identified their second greatest challenge as the non-compliance of employees with proper security guidelines. As more employees are now working remotely, compliance becomes a bigger problem. Those who are working from home are also mainly dependent on whatever security home office network is providing.
Cybersecurity Investment is Profitable
Businesses must understand that spending for cybersecurity is not optional. It is one of the most important investments that a company can make to ensure its survival. This is not just to safeguard against actual cyber-attacks, ransom threats, and data losses, but also to reassure its clients of the safety of their data. A company’s reputation is, after all, an integral part of its brand.
There is good news, though, as TechRepublic reports that according to the 2020 SMB IT Security Report, 77 percent of the 500 respondents were not breached within the year, whereas only 57 percent did not have a breach in 2019 and 58 percent in 2018. The companies who experienced a breach within the year reported that they successfully stopped it before losing any confidential data.