Check by Street Address
Enter your address below to find offers, promotions and services available in your area.
Check by City/State
To provide you specific information and service pricing for your area, please choose your location:
Cybersecurity attacks are a big issue for small business owners. There has been a sharp spike in cybersecurity attacks, and the associated costs are on the rise.
We often hear about large attacks at major corporations because they are more likely to get the attention of major news outlets. However, bad actors target small companies more frequently because they expect them to have reduced security protocols that are easy to breach.
According to a 2020 Verizon Data Breach report, 28% of data breach victims were small businesses. Cybersecurity criminals recognize small businesses as easy prey, and the confidential customer information they store is just as valuable to the cybercriminal as that of a large corporation.
What is a Data Breach
When an unauthorized person accesses confidential information, it is considered a data breach. It always results in the loss of sensitive data, compared to a hack designed to damage or immobilize a system’s integrity.
Types of Data Breaches
Not all data breaches are the result of a cybersecurity attack. Careless or inadequately trained employees can accidentally cause them. The most common types of cyberattacks on small businesses include:
How do You Know You Had a Data Breach
Data theft is difficult to detect and can take weeks or months to notice, unlike a burglary where you immediately know you were robbed. The time it takes to detect the data breach may cause added damage because thieves have time to sell or use the data. It takes an average of 279 days to discover that a cybersecurity attack has happened. The longer it takes to find out that your data was compromised, the more expensive it is to correct the problem. So how can you find out sooner? Signs can range from slow speed and failed log in attempts to unknown devices or admins on the network. Other indicators are devices restarting when not expected or security programs like antivirus software not working correctly.
What to do When You Discover a Data Breach
Whether your data was intentionally or unintentionally exposed, it is an unsettling experience. The implications are significant and range from financial cost to damaged reputation and loss of customer trust. Take a step-by-step approach when dealing with a data breach. By implementing the appropriate responses, you can reduce the damage caused by cybercriminals.
Step 1: Secure any affected spaces
If physical areas are involved, change locks and access codes, and preserve any evidence. If caught early, it may be possible to limit the spread or extent of the breach by isolating computers or servers that were affected by the attack. Remove any viruses or malware from your network.
Step 2: Assess the impact
Examine what type of data was stolen and to what extent, such as customer names, addresses, emails, or banking and credit card information. Interview the employees who discovered the breach and carefully record all details. Bring in cybersecurity experts and notify your insurance company.
Step 3: Investigate the cause of the breach
Was it accidental or intentional, and how was the data compromised? Your insurance company may also investigate the attack.
Step 4: Get help
After determining the extent of the problem, consult an attorney to educate yourself about your responsibilities, legal obligations, and exposure. It can also be beneficial to consult a public relations expert if you don’t have that expertise on your team. A PR consultant can guide you on how to notify clients and customers and help contain any potential media fallout.
Step 5: Notifications
Now it is time to notify the affected consumers. It may also be necessary to inform shareholders and, in some cases, the public. It is best to notify those who are affected as soon as possible. Be upfront, forthcoming and transparent, and take responsibility for your role in the breach. Apologize sincerely and offer help with any negative consequences the victims may experience. That could be as simple as paying for a membership in an identity theft protection service.
Step 6: Prevention and moving forward
You will likely have learned valuable lessons from this cybersecurity attack that will go a long way toward preventing incidents in the future. You will not prevent all beaches, but you can make it a lot harder for bad actors to get at your data.