[BreachExchange] 4 main reasons why SMEs and SMBs fail after a major cyberattack

Audrey McNeil audrey at riskbasedsecurity.com
Mon Apr 2 20:23:58 EDT 2018


https://www.csoonline.com/article/3267715/cyber-attacks-espionage/4-main-reasons-why-smes-and-smbs-fail-after-a-major-cyberattack.html

We live in a time when malicious cyber attacks happen every minute, every
day, all over the world. Companies from the smallest startup to the largest
organization suffer from cyber attacks. It’s not surprising then that cyber
incidents targeting businesses, nearly doubled from 82,000 in 2016 to
159,700 in 2017, driven by ransomware and new attack methods.

However, not all companies are affected by malicious attacks in the same
way. Did you know that small- to medium-size enterprises (SMEs) and small-
to medium-size businesses (SMBs) face far greater threats, risks and
challenges combating cyber attacks. In fact, 60% of SMBs who were victims
of cyber attacks did not recover and shut down within 6 months. Why? What
are the main reasons SMEs and SMBs fail to recover after a major cyber
attack?  More importantly, what can they do about it to have a stronger
defensive strategy?

1. Unable to afford crucial IT and IT staff

A robust IT department is critical for staying abreast of and implementing
protections from the latest security threats. However, to be truly
protected, companies have to purchase multiple security systems to guard
key entry points. For a company that allows BYOD and is connected to
different cloud services, this means the IT department has to protect 4
main security components; the user identity, the device used, the network
they’re connected to and the cloud services they’re using. This normally
leads to purchasing at least 4 different security platforms.

The challenge is not only in deploying multiple security systems, but also
managing them and maintaining their daily operations. This demand also
requires staffing. For SMEs and SMBs, sometimes the entire IT department is
no bigger than 2-3 employees, whereas enterprise-level corporations’ budget
can afford whole IT departments stacked with large security teams. This
disparity in staff and proper IT often leaves SMEs and SMBS exposed and a
lot more vulnerable to cyber attacks, and, worse, when they do happen
unable to recover because they lack the technology and staff to do so.

2. Inability to provide ongoing cybersecurity training

Ongoing security education and threat awareness also play a role in why
SMEs are an easy target, and later struggle after being hit by a
cybersecurity attacks. Keeping in mind that cyber protection is developing
as fast as malicious attacks do, it is important that staff are
continuously trained and updated on current threats and the different ways
to mitigate or respond to them.\

For smaller enterprises with limited resources, this is not always an
option as it requires sending staff to conferences, courses and other
expensive educational training programs. Programs which are simply not
cost-effective for smaller businesses.

This lack of cybersecurity training leaves SMEs and SMBs vulnerable as they
don’t know the kind of threats they are looking for ahead of time, how to
respond to them when they do hit, and are often totally blindsided on how
to fix them. Frequently this leaves SMEs and SMBs helpless in the face of
complicated security breaches—especially after being hit by malware or
ransomware. According to the National Cyber Security Alliance, 60% of
hacked SMEs and SMBs go out of business, because they simply don’t know the
way forward.

3. Ransomware is much more devastating for SMEs and SMBs

Ransomware is a huge security problem for any size company. According to a
quarterly report, 64% of malicious emails sent in Q3 2017 used ransomware.
But many attacks don’t have to be as notorious as WannaCry or NotPetia to
take an entire company down. Ransomware was the fastest growing threat in
cyber security in 2017. Most ransomware attacks don’t have a happy
ending—at least for the victim and typically end in favor of the attackers.
For a big organization, that might be a hard blow to take, but still it
will be a manageable one, while for an SMB or an SME, it will devastate any
chance of getting back to regular operations.

While big companies have cyber insurance and the ability to pay the ransom,
a small or medium size company may not be covered by insurance and have
much smaller war chests from which to draw upon. Such a financial blow
could mean a massive hit to a mid-size company or a fatal one to a small
one.

4. A bad reputation can’t be ignored in the age of the internet

Companies serving customers have a responsibility to keep them safe.
Keeping private information secure is an expectation, and in some cases,
the law. So when personal information is compromised, customers rightly
feel violated and often seek financial restitution through the courts. For
SMEs, costly breaches can not only break a company’s bank, but lead to a
media storm of bad press. Ultimately, a company's failure to protect
customers’ private information can and will live forever in the annals of
the internet, bruising a company indefinitely. The news can also lead to
current customers leaving and potential ones going elsewhere.

While it’s true a dent in the company’s reputation is a hit for any size
company, large organizations have more resources to handle a crisis. They
often possess a large legal team to fight any battle in court, and PR firms
to employ crisis communications. Small businesses are not always quite so
lucky. Additionally, once hit with a security breach, many smaller
operations lack the financial resources to hire a PR firm to handle the bad
press, let alone employ a large legal team. Devoid of such resources, SMEs
often succumb to bad press and can be bankrupted in court. Loss of private
data could also lead to massive fines by authorities if HIPPA, CFPB, GDPR,
or other regulations were breached in the attack. Such fines could be
absorbed by a large company, but devastate a smaller organization.

What lies ahead for SMEs, SMBs and cyber security

SMEs and SMBs do have inherent advantages over larger companies. For
example, their agility enables them to be flexible and adjust to changes
quickly. They lack the red tape and complexities larger organizations have
to overcome to get things done fast.

Keep in mind, an SME needs to seek solutions matching their size and needs,
and not necessarily the same solutions used by a big organization. The fact
that a Fortune 500 company chooses to work with a complex and expensive
vendor doesn’t mean it is the best fit for an SME. It might just be the
best for them, but not a good fit at all for a smaller operation. Smaller
companies can crowdsource and be the first to use security collaboration
tools, taking advantage of their cost-effectiveness.

Smaller companies with smaller IT teams can use and consider autonomous
systems to help them not only detect but also mitigate security threats.
The idea of a full protection solution doesn’t belong only to the top-tier
companies and can be introduced and adopted by SMEs if they keep an open
mind to the new wave of cyber security solutions emerging—and just in time
we might add.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180402/42709ee0/attachment.html>


More information about the BreachExchange mailing list