Businesses are taking security and security threats more seriously than ever before. If you look at some of the recent statistics about losses and data breaches, it is easy to understand why:
- In 2015, more than 169 million personal records were exposed due to data breaches at a cost that averaged $154 per record, with the most expensive being $363 per record.
- In 2015, there were 38 percent more security incidents than the year before.
- Fifty-two percent of businesses believe that they will be successfully attacked.
- The average cost of a security breach to a small business is $47,000.
Yet, despite businesses getting more serious about security, many don’t even understand the types of security threats that their business faces. Movies and television paint one picture, but the image they portray of a bad guy making off with one big heist is far from the truth. The real types of security threats that you need to protect your business from are much less theatrical but much more real.
Someone in your business receives what seems to be a harmless email—maybe it has a potential new employee’s resume attached or a copy of an invoice. They download the file, look it over, and move about their daily tasks. Meanwhile, in the background, that file they opened is installing malware on their computer that is slowly encrypting all of the files on their hard drive so that no one can access them. Not even the user. If they have shared network drives, it will encrypt those as well. Eventually, the user will receive a warning on their screen letting them know that their files have been encrypted, and if they do not pay a ransom in a given time frame, their files will be wiped out. If they do pay, the bad guys promise to deliver them an encryption key that will unlock all of their files. But who is really willing to trust a criminal to do the right thing?
2. Data theft
Your business has something that criminals find extremely lucrative: information. It could be personal data belonging to your customers (or patients, if you are in the healthcare field), it may be payment card information, or it may be your company’s intellectual property. Even emails discussing bidding and pricing strategy can be extremely lucrative to the right person.
Any of these could easily put you out of business. Reputation damage after customer information is compromised could turn people away for years. Losing intellectual property could open the doors to competition that can easily outprice you without having to sink money into research and development. If your competition knows your business plans or strategies ahead of time, they can easily outbid you or beat you to potential customers.
3. Your website
In today’s world, a company website is often the face of the business. Criminals know this and know exactly how to leverage this in their favor. With a rented army of computer bots, they can flood your website with so much traffic that it brings the entire server down. They could be working for a competitor, or they could be making demands in order to stop the attack. Either way, downtime for your website costs you money.
Another type of security threat that relies on your website is when attackers find vulnerabilities in the code that allow them to host malware on your site. Whenever someone visits, that malware attempts to install itself on the visitor’s computer. After a while, sites like Google will realize what is happening and start warning potential visitors, steering them away from your business.
4. The biggest security threat: you
You may not realize it, but the biggest security threat to your business may be you and your team. If your IT staff is not experienced in dealing with highly sophisticated attacks and not trained to correctly configure and manage the technologies that you need to have in place in order to keep your business network safe, then you are a vulnerability, and the only way to patch that is to make sure that you get the right people in place to properly secure your business against these threats and the ones that your business will face in the future.