5 reasons cybersecurity matters to small businesses

Summary:Small businesses often think they are 'too small' to be worth hackers' notice, but that assumption could be devastating.

The Year in Review, the Year Ahead

On Christmas Day, perfectly timed for the traditionally slow news week that leads into New Year's Eve, the cyber hacktivist group Anonymous apparently hacked the Web site and internal servers of security consulting and risk management advisory firm Stratfor.

Soon thereafter, the alleged attackers began publishing all sorts of confidential information, including the names of the company's clients. What's more, someone started using the credit card information obtained during the breach to make charitable donations in a vaguely Robin Hood-esque tradition.

Although the subsequent attacks that were threatened apparently have not come to pass, or least haven't yet been disclosed publicly, the incident caps a year of pretty serious cyberhacking. Sony and RSA were just two of the big companies embarrassed by extremely public incidents. As I was reading up on this topic, I discovered that there were 760 attacks in the past decade by just one Chinese firm. That's just one nasty organization. That should give you pause, because I can assure you there is more than one person out there in the world who would love to create trouble for your business.

So, even though I've already written about essential technologies for investment by small businesses in 2012, security is absolutely positively the most important infrastructure that small companies need to make.

Here are 5 reasons why:

  1. Smaller companies are more likely to be attacked than bigger ones. Don't believe me? Symantec.com, which keeps statistics on this sort of thing, suggests that 40 percent of attacks are against organizations with fewer than 500 employees, versus 28 percent against bigger companies. Remember, there are lots of people who could make trouble this way. Not just big groups with something to provide like Anonymous or LuluSec, but disgruntled former employees or business partners.
  2. Breaches are potentially business-ending events. Depending on the statistics you believe, the average cost of a breach or cybersecurity incident is about $190,000. Do you have that sort of money to lose? Even more serious: about half of small businesses still don't back up their data, so what is lost is lost forever. Which means your business might be lost forever. The Federal Communications Commission has published a useful cybersecurity guide you might want to consult.
  3. Can you be sure you are properly controlling the access of your employees and business partners? This will only be a bigger factor, as personal tablets and smartphones become more commonly used as business tools. Improperly managed client-side software is one of the biggest known cybersecurity threat, allowing people to see information that they really shouldn't be able to see AND allowing rogue malware to enter your infrastructure. I am dealing with an problem like this right now. Even though certain files I post to my non-profit's web site are "gated," for some reason, they can be accessed publicly if the right link shows up in a Google search.
  4. Attacks could ruin your company's reputation. I know that they say all publicity is good publicity, but think about how embarrassed Stratfor must be this week. After all, this is a security consulting company. According to the reports about the incident, the reason that the hackers were able to steal so much data -- up to 200 gigabytes -- and make use of it was because certain information was not encrypted. Stratfor should have known better, and so should your company.
  5. Your company could be putting its best customers at risk. In assessing the security risks for their business, some owners and managers fail to consider that it isn't just your own data you need to worry about, it is that of your customers. Anyone involved in healthcare already has this mantra beaten into their brain, but any company that engages in business-to-business activity with much larger businesses needs to consider their needs as the driver for their own security plans.

Topics: Security, SMBs

About

Heather Clancy is an award-winning business journalist specializing in transformative technology and innovation. Her articles have appeared in Entrepreneur, Fortune Small Business, The International Herald Tribune and The New York Times. In a past corporate life, Heather was editor of Computer Reseller News. She started her journalism lif... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.