They can strike anyone, anytime, anywhere. Whether they use a phish, a virus or even a Trojan horse malware, cybercriminals are targeting Fortune 500 companies on Wall Street — but increasingly even smaller stores on Main Street.
In fact, the U.S. Small Business Administration claims that small employers are becoming an attractive target for cybercriminals because they have valuable customer data, provide access to larger networks such as supply chains, and often lack the resources or personnel to focus on cybersecurity.
Despite this trend, new research from Nationwide released during National Cyber Security Awareness Month uncovers that most small-business owners (78 percent) still don’t have a cyberattack response plan — even though the majority (68 percent) are at least somewhat concerned about a potential cyberattack affecting their business.
Our survey also found that more than half (54 percent) of small-business owners were victim to at least one type of attack. The top three attacks were a computer virus (37 percent), phishing (20 percent) and a Trojan horse malware (15 percent). Other attacks included hacking (11 percent), unauthorized access to customer information (7 percent) or company information (7 percent), issues due to unpatched software (6 percent), data breach (6 percent) and ransomware (4 percent).
Those findings came from our second annual Small Business Indicator. This national survey was conducted online in June by Harris Poll on behalf of Nationwide among 502 U.S. small-business owners with fewer than 300 employees.
While cybersecurity poses a serious threat to America’s small-business owners, they can get help from their local insurance agent. These trusted partners may not be cybersecurity experts, but they can support owners in assessing their risk and advising on policies. In fact, agents are so crucial to helping small businesses fight cybercriminals that we created a list of 10 tips they can share with their clients:
1. Perimeter: Guard your physical perimeter to prevent hackers from accessing sensitive data and your company’s computer network.
2. Employees: Educate your team because employees are your company’s first line of defense against cybercriminals.
3. Firewall: Activate your firewall to block connections that are used to hack into your system and deliver viruses.
4. Software: Install and regularly update spyware, anti-virus and malware software to help prevent and detect any of those from affecting your computers.
5. Passwords: Use stronger passwords of eight to 10 characters that include letters, numbers and special characters; change those passwords regularly.
6. Networks: Secure your WiFi networks to prevent hackers from accessing your servers or using your internet connection without your knowledge.
7. Social: Set social network profiles to private and check security settings; also, be mindful of what information you post online.
8. Data: Encrypt your most sensitive data, make a backup and store it in a fireproof safe or off-site; use a dedicated computer for all sensitive information.
9. Vendors: Carefully select online computing services, because any information you share with them can be compromised by their system.
10. Insurance: Acquire cyber insurance to cover losses in case of a breach or fraud.
Cybercriminals can strike anyone, anytime, anywhere, but insurance agents exist to help any client, anytime and anywhere. So let’s start the conversation today.
Mark Berven is the President and COO of Nationwide Property & Casualty, the No. 1 total small-business insurer.