As a small business owner, you might not think about cyber attacks on a regular basis. However, they’re more relatable than you think. Since the COVID-19 pandemic hit in March 2020, the Canadian Centre of Cybersecurity reported that just over four in ten Canadians experience at least one type of cybersecurity incident.
A cyber breach is when an unauthorized individual or organization gains the ability to view, access, or retrieve data from another individual or organization. Cyber breaches typically involve stealing data to share with others, or stealing data and holding it for ransom.
Given that small businesses are top targets for cyber criminals and how simple some cyber attacks appear to be, how do small business owners feel about cyber attacks heading their way?
To better understand the way small businesses perceive their cybersecurity risks, we partnered with Leger, a Canadian market research and analytics company, to conduct a survey of 422 businesses representing different industries in 2020. We learned that:
- Only 29% of small businesses surveyed believe they are at a high risk of a cyber attack.
- Only 15% have implemented preventative IT and employee training.
- Only 11% have purchased cyber risk or data breach insurance.
Based on these findings, cybersecurity is often not a priority in risk management and business continuity planning for many small business owners.
In the unfortunate scenario that your small business falls victim to a hack, there are specific steps that you can take to recover from the breach and minimize your losses. Here are five tips on how to recover from a cyber breach; check out the video above, or take a look below!
- Do not unplug: We know that your gut instinct after experiencing a cyber breach may be to unplug and turn everything off right away. But shutting down a machine can delete valuable information on how the hack originated and the extent of the damage.
- Call in a pro: Bringing in someone who specializes in cyber attacks is a good next step after identifying a hack. They’ll be able to determine important details including the scope of the damage that’s been done. Once all the important information has been pulled by a specialist, they can help contain the situation.
- Communicate quickly:It’s not only best practice to communicate quickly if you’re hit by a cyber breach, it’s the law! In 2018, changes to Canada’s federal private-sector privacy law came into force. Organizations are now obligated to record and report any breaches of their security safeguards, and notify individuals that are affected by the breach if it could cause them harm. In a cybersecurity survey conducted by Cisco in 2019 of more than 2,600 respondents, 84 per cent indicated that they care about their data privacy.
- Fix the gaps in your security: The investigation you do following a breach will shine light on any vulnerabilities in your security system, and will allow you to fix any holes to help avoid future hacks. Investing in firewall and intrusion prevention systems can give you another layer of security against the threat of cyber attacks.
- Revisit your coverage: There are a number of myths associated with cyber risks for small business that can cloud your judgement and leave you vulnerable. Speak to your insurance provider about revisiting your policy to ensure you’re covered for the damages that a cyber breach can cause.
Only 15 per cent have implemented preventative IT and employee training.
Plan ahead to protect your business
With cyber attacks on small businesses on the rise, it’s important to know exactly what you need to do to get your business back up and running if you get hit by a cyber breach. The best athletes know how to pick themselves up after a hard hit or a tough tumble; the tips above can help you and your business do the same. Don’t let cyber attacks stall your business’ journey towards success!
This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information. Terms, conditions and exclusions apply to coverage. See policy for details.