When talking about the threats of hackers, people tend to focus on their threats to large corporations. Included in this group of people are small business owners, who tend to take the “it can’t happen to me approach” to the issues associated with hacking. Hackers are starting to prove these small business owners wrong, as the vulnerabilities of their systems are beginning to come to light. An article in Forbes cited a study by Symantec in which they found that 40% of cyber-attacks “were targeted at small companies.” Will this be a strong enough news flash for small businesses to change their ways.
Not all of the blame can be placed on the owners, as Forbes found that many of the employees are at fault as well. The employees leave computers unattended, use easy-to-crack passwords, click on unsafe links, etc. All of these acts by employees that small business owners choose not to come down increase the vulnerabilities of their IT services. Another interesting way in which employees make their business’s information vulnerable is by imputing important data onto their cell phones which could be lost at any time.
Small businesses have more important data that is worthy of theft than most of them think. These employees are constantly “putting critical business data at risk,” which doesn’t only effect the company itself, but their suppliers as well. If their suppliers see that doing business means putting their own information at risk, it is very likely that they will cease doing business with them. As we all are aware, small businesses are struggling to compete in the current economic situation, and having issues with suppliers can only increase that hardship which makes it seem like a worthy issue to address.
A Bloomberg article provides an example of a small company that suffered due to a cyber invasion. An online print shop company, Next Day Flyers, had client information and credit card numbers hacked from them. This incident served as a wake up call for the owner, David Handmaker, who thinks small business lack security compared to larger companies because larger companies “have more resources.” Although this is true, I would like to argue that small businesses need to start spending more on their security because of cases like that of Next Day Flyers. As we learned in our IT security lecture, IT security is expensive and does not have a direct return of investment, but I think in order to have the potential to survive, small businesses have to invest in defending their information. What do you think?