As A Middle-Market Business Owner, Are You Safe From Cyber Attacks?

Many small and medium business owners are under the mistaken impression that they are immune from the attention of hackers and other Internet evildoers because their companies are smaller. Reality is that nothing could be further from the truth.

If you store any sensitive information on your network (and we all do), you could be a target for a hacker. This is especially true if you store credit card numbers, employee social security numbers, and your bank account information anywhere on your network.

If you think I am making too big a deal about this, let me share an article I recently saw on this topic. The title of the article in print says it all: “Small Companies Beware.” Published in the Los Angeles Times, the article does a great job of highlighting why you, as the owner of a middle market company, need to be sure that your networks are secure.

The article opens with this scenario:

“It took all of three minutes for the hacker to break into the small accounting firm’s computer system. The virtual open window into the system turned out to be a computer equipped with outdated software. It provided access to the office network and the hacker was able to get files that included private financial information.”

Fortunately, in this case, the hacker was working for the security company that the firm had hired to test its defenses. Because they were able to learn from the security breach, the accounting firm was able to update their software and create new security procedures to prevent any future cyber attacks. However, this could have been a costly lesson if not caught beforehand.

One of the big myths that network security companies encounter is the idea that if a company is small, it is immune from cyber attacks. Nothing is further from the truth. In fact, in a 2010 survey of small- and medium-size businesses, Symantec Corp, which sells anti-virus software, found that about “73% of the businesses in the study reported they had been targets of cyber attacks in the last year,” notes the LA Times.

This is a huge number and clearly indicates that your size does not protect you. Also, keep in mind that the 73% in the survey are the businesses that know that they have had a cyber security breach. Many companies have had their systems compromised and are simply unaware of it.

The Cost of a Cyber Attack

The LA Times went on to quantify the risk in terms of dollars lost in any cyber attack. The first is direct potential monetary loss you may incur. One business owner interviewed lost nearly $500,000 when hackers were able to gain access to her business bank accounts on her network and transfer the money overseas. That is just one example of the potential direct cost to you of a cyber attack.

The second cost is the money you could be required to spend to notify your customers if sensitive information about them is stolen. In many states, you are now required to directly notify any customer who has had sensitive information compromised AND provide them with some form of digital protection for a specified period of time. According to the LA Times, this could cost you up to $250 per person. If you have to notify 5,000 customers, you could end up spending over a million dollars to rectify the situation.

Finally, depending on the industry you operate in, having documented network security provisions in place may be a necessity in order to land new clients. In health care, financial services, and a number of other industries, having a protected system and providing documentation to prove it is now a standard part of doing business and remaining competitive.

As the LA Times notes, “no data security system is fail proof.” But taking some simple steps proactively can prevent you from being an easy target. The real concern of a cyber attack is the ultimate cost of a security breach. Not only could you be liable and be required to pay for the expense of contacting every person whose identity was compromised, the real cost is the loss of goodwill you may experience. If your clients no longer believe that your data is secure, why would they want to do business with you?

Don’t make the mistake of assuming your size will protect you from cyber attacks. Keep in mind that if you have unscrupulous competitors or angry ex-employees, they may attempt to hack into your system to gain competitive advantage, steal trade secrets, or simply disrupt your operations. Your size will have no bearing on these hackers.

How To Protect Yourself Against Cyber Attacks

At a minimum, make sure that your network is protected by a firewall and keep it updated for some protection. Purchase one of the many anti-virus software programs available and ensure that your employees use it on a regular basis to keep your system clean.

Another option is to invest in anti-malware software to operate in conjunction with your anti-virus software. Malware, short for “malicious software,” is programming designed to disrupt or deny attempts to gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior.

Also, be sure that your Windows software is updated regularly so that you have the latest updates from Microsoft as they become available. Make sure that your network is password protected and ensure that your employees change their passwords frequently and that passwords are not shared. If you can afford it, hiring a consultant in network security would be optimal.

Bottom line: Do something to ensure that you are protected. Inaction under the assumption that your size will protect you is not the best plan.

© 2011 Generational Equity, LLC All Rights Reserved

About Carl Doerksen

Carl Doerksen is the Director of Corporate Development at Generational Equity.

Speak Your Mind