Small businesses have become a common sight in the modern day. With the advent of technological innovation and ease of doing business, thanks to the elimination of physical infrastructure due to the arrival of the internet, small businesses are increasing in number every single day. The rate at which startups are popping up every year beats any other statistic of its kind. Anyone living in a developing or a developed world can vouch for this. However, this article will not deal with this statistic, but with another related to it. Small and medium sized businesses are actually one of the most vulnerable targets of cyber attacks. The increasing number of CHFI online certification courses catering to forensic diagnosis and disaster recovery is a small testament to this fact.

According to many studies, it has been found that more than sixty per cent of small and medium sized businesses leave the market within a mere six months of a cyber attack. Now that is an eye opening and disturbing number. You would wonder that small businesses, upon hearing this would make adequate arrangements in their cybersecurity posture to protect their hard work. But that’s not the case. In another study, it was found that more than 60 percent of small businesses don’t even believe that they could be at the target of hackers at all. This proves the nascent stages that cybersecurity is in when it comes to SMBs, the drivers of all economic activity. Many entrepreneurs, CEOs and SMB owners do not spend adequate money, time and resources in strengthening their cybersecurity because they are under the false impression that their digital assets don’t need as much protection as the Walmarts and Amazons of the world.

Even as Certified Ethical Hacker certification becomes one of the top ten IT certifications of 2020, small businesses find it unnecessary to hire an ethical hacker to test the weakness of their systems and networks. There is no sugarcoating the fact that every individual or organisation has something that is valuable to a hacker. Being under the false impression that no one will attack you because there are bigger and better targets in the world is equivalent to turning a blind eye towards your responsibility for security. Experts have found that the claims stating that small and medium sized businesses don’t have enough resources, money or human power to afford security tools and implement threat detection systems, are not as true as they sound. With the use of cloud services and similar online systems, it does not take colossal effort on the organisation’s part to take sufficient cybersecurity measures.

Another reason why small businesses are the most vulnerable to cyber attacks is their lenient attitude towards cybersecurity. The unfortunate pattern of constantly underestimating the losses, damages and crippling powers of a simple cyber attack ends up digging the grave for many small businesses. Studies point out that more than half of the SMBs have suffered a ransomware attack, especially in the B2B sector. Another striking and eye opening statistic is that out of all the data breaches, 43% befall on small businesses leaving them to claw their way out of the ruthless post-breach rubble. In 2019, one in three data breach involved a small business indicating a fall in the 43% statistic. However, businesses are still not doing enough to protect themselves from opportunistic hackers. Having anti-virus and firewalls won’t cut it anymore. Regular cyber security audits, employee training, penetration testing, regular data backups, incident response strategies and many other measures need to be taken to adopt a holistic approach in protecting your resources. In a nutshell, small businesses need to think about long term cybersecurity if they plan to survive in the long run at all.