Data Security Threats for SMBs
The negative impacts of cyber attacks on businesses is exponential. It is estimated that the global economic cost of cyber attacks is greater than $400 billion. According to the 2013 Cost of Cyber Crime Study by the Ponemon Institute, there has been a 26 percent increase in cyber attacks on companies since 2012. A 2014 survey of 60 U.S. companies found that 97 percent of businesses surveyed experienced malware attacks, including Trojans, worms and viruses. Today, just about every company is at risk for cyber attacks.
As cyber criminals adapt their techniques to changing technologies, the risk of cyber attacks from hardware, software and social engineering is an ongoing problem. The globalization of computer chip manufacturing has created a wide array of opportunities for criminals to insert malicious circuits during the manufacturing process.
A common type of cyber attack is malicious code, designed to disrupt the system, gain unauthorized access and garner confidential information. Trojan software and third party software fall into this category. Malicious software can remain dormant for months before launching an attack. Attacks can be initiated in a variety of ways. Some attacks are triggered by a calendar date causing the system to completely shut down. Covert attacks often make the system look like it's operating normally while introducing corruptions in data in the background. In addition, some covert attacks allow the deployment of malicious software somewhere down the road.
Outdated and expired cyber security software are just as problematic as having no defense at all. Systems with outdated security patches run the risk of malware attacks that utilize software exploit. A malware infection may include spyware that can steal company data, such as employee personnel information, banking credentials and intellectual property.
Social engineering is a non-technical method that cyber criminals use to trick people into breaking security procedures. As a matter of fact, it is one of the greatest threats that companies face today. Types of social engineering include spam mail, phishing, baiting and tailgating. Social engineering is a way to attach a virus and get people to divulge sensitive information.
Although the current White House administration has established the new Cyber Threat Intelligence Integration Center to combat hackers, businesses must still take the initiative to defend themselves and implement proactive cyber security measures in corporate culture. The financial impact that cyber crime can have on companies is significant. Businesses should take steps to protect trade secrets and user data by encouraging employees to create stronger passwords and to avoid links in suspicious emails. Other ways to defend businesses against hackers include having a security network plan in place, encrypting data, securing hardware, educating employees and hiring third-party, data-security vendor.