To better understand the way small businesses perceive their cybersecurity risks, we partnered with Leger, a Canadian market research and analytics company, to conduct a survey of 422 businesses representing different industries in 2020. We learned that:
Given that small businesses are top targets for cyber criminals and how simple some cyber attacks appear to be, how do small business owners feel about cyber attacks heading their way?
- Only 29% of small businesses surveyed believe they are at a high risk of a cyber attack.
- Only 15% have implemented preventative IT and employee training.
- Only 11% have purchased cyber risk or data breach insurance.
- Do not unplug: We know that your gut instinct after experiencing a cyber breach may be to unplug and turn everything off right away. But shutting down a machine can delete valuable information on how the hack originated and the extent of the damage.
- Call in a pro: Bringing in someone who specializes in cyber attacks is a good next step after identifying a hack. They’ll be able to determine important details including the scope of the damage that’s been done. Once all the important information has been pulled by a specialist, they can help contain the situation.
- Communicate quickly:It’s not only best practice to communicate quickly if you’re hit by a cyber breach, it’s the law! In 2018, changes to Canada’s federal private-sector privacy law came into force. Organizations are now obligated to record and report any breaches of their security safeguards, and notify individuals that are affected by the breach if it could cause them harm.
- Fix the gaps in your security: The investigation you do following a breach will shine light on any vulnerabilities in your security system, and will allow you to fix any holes to help avoid future hacks. Investing in firewall and intrusion prevention systems can give you another layer of security against the threat of cyber attacks.
- Revisit your coverage: There are a number of myths associated with cyber risks for small business that can cloud your judgement and leave you vulnerable. Speak to your insurance provider about revisiting your policy to ensure you’re covered for the damages that a cyber breach can cause.
Only 15 per cent have implemented preventative IT and employee training.