Cyber Security Risks for SMEs

Posted on by Bryan Greene

Cyber Security Risks for SMEs

Cyber security – it’s a subject many SMEs prefer not to consider, and the U.S. is a country dominated by SMEs.

Nearly 29 million enterprises coast to coast make a significant contribution to our economy, accounting for an estimated 46 percent of the private nonfarm of U.S. GDP. Washington State alone consists of 574,455 small businesses of which 1.3 million Small Business Employees take up the work force.

According to CNBC’s Top States for Business study, Washington State has been ranked number one in the U.S. for Business in 2017. Following a 3.7 percent growth in 2016, Washington’s economy was nearly 2 ½ times the national rate. Out of the 50 States, Washington finished No. 3 in Technology & Innovation and No. 5 in the important Workforce category. Being the home to Amazon, Costco and Boeing as well as online marketplaces like OfferUp and Blue Origin, Washington has the old and new economies covered.

However, with easy online access to both local and international markets come the risk of security breaches from global threats.  As the recent global ransomware attacks from the wannacry virus have shown, no company or computer is safe.

Even small or medium businesses here in Washington are susceptible to online and Internet security threats from cyber terrorists. Hackers are actively looking for ways to disable or access your company database, causing havoc or significant financial damage from downtime.

Many SMEs make the mistake of believing they are too small to be actively targeted or impacted by online security issues, but in fact, as a smaller enterprise you need to focus more on protecting your valuable data – which is most often the lifeblood of your business.

As a Washingtonian business owner, you need to expand your risk management thinking and considerations to ensure that the most valuable information in your organization is protected. This will help you prevent the potentially devastating consequences of an online security failure.

Not convinced? Read on for the type of costs that can impact your company and some sobering statistics for any business owners who do not believe it can happen to them.

Cyber Security Risks for SMEs

According to a study by the Ponemon Institute on the cost of data breaches in the United States, the average cost of a data breach to a business is $221 per compromised record. Using this figure, data breaches likely cost businesses operating in Washington almost $100 million over the past year.

The study found that $145 of this relates to indirect costs, such as turnover of customers resulting from the breach, and $76 are directly related to the breach, including legal fees, credit monitoring services for consumers, and security improvements.

At Adaptive Technology Group, we recognize the risks faced by companies like yours that do not have the expertise for full in-house protection. That is why we approach protection of data from a security, compliance and business perspective.

Security is a requirement but, too much security can impede production by adversely affecting performance and data accessibility. By providing the appropriate operational security framework that is tailored to your company’s needs, security and compliance can be effectively implemented.

Eight Things You Can Do To Protect Your Data Today

While we have the strategies and services to keep your business secure online, you may be wondering if there’s anything you can do on your own to start protecting yourself from security threats. Here are the eight essential IT risk recommendations we suggest establishing as a first step to minimise information or online security incidents.

  • Whitelist Applications: Establish a whitelist to allow only selected software applications to run on computers.
  • Disable MS Office Macros (untrusted): Ensure those macros that automate simple, regular, repetitive tasks and are untrusted are deactivated.
  • Application Patches: Ensure any security vulnerabilities in software applications are fixed with patch updates.
  • Harden User Applications: Uninstall (if possible) Adobe Flash Player, and block web ads or Java code.
  • Administrator Privilege Restrictions: Provide them only to those who require them for managing systems, installing legitimate software and applying software patches.
  • Multi-factor Authentication: Ensure access is only granted after the user provides multiple forms of evidence (e.g. passphrase and other data uniquely known to the user).
  • Operating System Patches: Ensure any security vulnerabilities in the operating system are fixed with patch updates.
  • Data Backup (daily): Regularly back up all important data and store it securely offline.

Business decision-makers can no longer ignore online and Internet security. Cyber protection is critical to your success. Contact us today at (206) 931-3200 or email here to learn more about how we can help you stay safe.