Every day brings another data breach, ransomware attack or phishing attempt on businesses around the globe. Whether it's a local business or a worldwide corporation, nobody is immune to the threat of a cyber security incident. These types of attacks can stop businesses in their tracks, and let's face it, when your business stops operations, you stop earning money.
In June, the FBI's Cyber Division reported that their Internet Crime Complaint Center had already received as many complaints regarding cyber attacks in the past six months than in all of 2019. Of all of the complaints received, more than 20,000 were related to COVID-19 cheat schemes. Many businesses right now are less concerned with cybersecurity as they focus more on just staying afloat. With guards down, cyber criminals are going to work to take advantage of those who are not vigilant. Here are some of the latest statistics on cybersecurity and ways in which you can protect your business.
- According to Verizon's 2020 Data Breach Investigations Report, 67% of all data breaches were caused by credential theft, social attacks (phishing and business email compromise) and errors. Compromised credentials pose an enormous threat to businesses, and are easily obtained in many ways including brute force attacks, email scams or via the dark web. To protect your company, double down on efforts to improve security and take advantage of two-factor authentication (2FA) and single sign-on for beefed up security. Also, dark web monitoring is critical to find compromised credentials quickly. By knowing what credentials are vulnerable, you can implement changes to prevent a data breach from occuring.
- Per IBM's Cost of a Data Breach Report 2020, the average cost of a data breach is $3.86 MILLION. It is important to note that this figure is the a global one. The average cost of a data breach is nearly three times the global average at $8.64 MILLION. Again, these figures can vary across different industries as well. The most expensive attacks occur against healthcare organizations. This is likely due to the amount of personally-identifiable information that is available with a healthcare provider. Protecting your company against a breach is critical and the most vulnerable areas of your business are endpoints. Endpoints are are end-user devices on your network such as computers, mobile devices and printers. With the rise of BYOD (bring your own device) policies and remote work from home, your network has probably never been more open with endpoints. All of these are gateways of entry for a cyber attack if left unattended. With endpoint security software, encryption and application control secure devices accessing your network and allow you to better control what can and can't access your network. Data encryption at endpoints helps your business stay safe from data leaks and losses, while application control stops users from executing unauthorized applications that cause network vulnerabilities. When used in conjunction with antivirus protection, both endpoints and your network are protected.
- More than 80% of all malware incidents involve some sort of phishing, according to CSO Magazine. Phishing is a type of cyber attack in which criminals "phish" for information via gaining the trust of the email recipient. Phishing emails often look like they're from a trusted source, like your bank or maybe even your boss, and their intent is to get you to either hand over sensitive information or download malware. To prevent phishing incidents, it is important for employers to educate their staff to spot phishing and report attempts to phish to your managed IT services provider or IT staff. There are some great employee training programs that businesses can utilize get their employees on the lookout for phishing and stop it before it's a breach.
- Industry-leader ZDNet reports that one in three data breaches are caused by unpatched vulnerabilities. Software and network hardware today is constantly evolving and changing. Think of your mobile device, and how often you need to update apps. Many of these updates are actually security patches that are created to block a vulnerability found in the program. The same type of updates are available for operating systems (Windows, iOS), productivity software (Word, Excel) and many other programs. The volume of patches that are put out by software makers in a month is astounding, with companies reporting somewhere between 10 and 50 patches to apply every month! If you're a small or mid-size business with limited IT resources, that is going to be a challenge. With patch management tools from a managed IT services provider, you can keep your servers and network hardware updated with automated discovery and delivery of missing patches and updates.
With these worrisome cybersecurity statistics, it is critical that businesses pay attention to their security vulnerabilities and work to block the methods by which attackers can strike. If you're a small or mid-size business, a managed IT services provider can offer a reliable service with a fixed monthly cost that you can budget for each month. A reputable Managed IT services can handle all of these issues for you, allowing your business to focus on what you do best!