Whether you run a staff of five or 500, a data breach is never in the budget. However, for small and medium-sized businesses, a single data breach and the way it is handled can make or break the company. Check out our tips for SMBs on how to avoid, handle and mitigate a breach.
The State of SMBs and Cyber Security
According to a survey by the Ponemon Institute, 50 percent of small and medium-sized businesses surveyed reported a data breach in the last year. In the same survey, just 14 percent of respondents felt confident in their company’s cyber security.
Handling a Breach
SMBs and startups don’t always have the capital, staff or infrastructure to support a ground up approach in the event of a breach, but the events immediately following an infection or data breach can help to reduce both monetary and informational losses. The immediate steps generally go as follows:
- Classification: If not already on premises, IT professionals should be notified immediately in order to discover exactly what kind of attack occurred and when.
- Assessment: Your team will then determine the scope and reach of the breach, determining which systems and data was targeted.
- Isolation: If possible, the team will cut off the infected systems so as not to spread the attack any further. This is only possible if the attack is caught and handled early.
What SMBs Can Do Today
You may be thinking that your small company is too small to be a target, but like all criminals, cyber attackers look for any and all opportunities to complete their mission. In fact, because of these conflicting mindsets between the predator and prey, small businesses become a better target than large ones.
If a company is able to educate the entire staff on the very real threats of a data breach, perhaps less breaches would actually occur. At the very least, the conversation would be open and the start of a recovery plan would be in place. Paul Clarke, a Barclaycard product director, described the state of cyber security very aptly in a recent interview. “Businesses of all sizes face a constant and growing threat from cybercrime,” he said, “As our research shows, many small businesses are failing [to] take the necessary precautions, either because they don’t know how to protect themselves or, more worryingly, because they don’t think they need to.”