When discussing cybersecurity breaches, it’s easy to think these things only happen to big firms. After all, headlines about compromised firewalls tend to be about larger organisations like the NHS, Uber or Yahoo, not the little local firm down the street. However, new research suggests small-business leaders have reason to bulk up their digital protection too.
Having surveyed 2,700 IT managers in organisations of 100 to 5,000 employees in ten countries, Sophos, the cybersecurity company, and Vanson Bourne, the research company, have revealed that organisations suffer 16 infected computers per month on average. While breaches were more common among bigger businesses of between 1,001 and 5,000 employees that on average experienced 20 hack attacks per month, smaller firms still had on average 13 computers being infected each month.
Even more discomforting, the report reveals many organisations leave themselves open for breachers by not having full overview of their IT. For instance, IT teams cannot identify 45% of the traffic on their corporate networks.
Speaking exclusively to Elite Business, Chester Wisniewski, principle research scientist at Sophos, warns that those numbers are only set to grow. “Cybercrime is a big business and is well-funded and criminals don’t need to be IT experts in order to be successful,” he says. “Toolkits with support services can be bought on the dark web and even ‘hackers for hire’ will launch an attack on your behalf.”
With the realities of the threats online as well as the General Data Protection Regulation coming into force on Friday May 25, Wisniewski warns that small-business owners can no longer afford to be slack about cybersecurity. “[It] is now clear that all companies who do business in the EU need to protect their customers’ data and they will be held accountable for not doing so,” he says. “This now makes the consequence of inadequate cybersecurity a lot greater. Additionally, many hacks can put a small organisation out of business. The cost of recovery is increasing and even something like a basic ransomware attack might involve the cost of recovery, remediation and regulatory fines.”
So as laptop-wielding larcenists continues to wreak havoc on businesses, corporate head honchos are advised to prioritise cybersecurity, no matter how big their companies are. 
