Small and midsize businesses are much more likely to experience cyber attacks than large companies. In fact, 62 percent of all cyber crime targets are small and midsize businesses.
It costs, on average, about $400,000 to recover from a single cyber incident, which could be catastrophic for a small or midsize business, Chubb warns in a new advisory, noting that more than 4,000 incidents occur each day. However, many small and midsize companies continue to believe they are not at risk of such attacks.
In the new advisory, “Cyber Attack Inevitability: The Threat Small & Midsize Businesses Cannot Ignore,” Chubb offers real-world examples of these cyber risks and precautionary measures that small and midsize businesses can take to help protect themselves.
Among the examples Chubb lists:
Stolen Email Account: After a cyber criminal gained access to an email account belonging to a real estate office, he convinced a client of the firm to wire transfer $300,000 to a fraudulent bank account.
Phishing Scam: When an accounting employee at a social services agency got a seemingly legitimate email request, he provided the W-2 forms of current and former staff members, thus handing over their information and facilitating identity theft.
According to the Chubb Cyber Index, the most common actions that cause a cyber incident are preventable. Chubb recommends that small and midsize businesses:
- Create a cyber attack response plan.
- Use a secure password manager for employee credentials.
- Educate employees about the risks of cyber crime and deploy software that can reduce social engineering attacks such as phishing.
- Install good antivirus software and ensure it is always up-to-date.
- Update operating systems and applications
- Protect networking activity with a secure router and a Virtual Private Network (VPN).