Contrary to the belief that data breaches only affect larger organisations like Optus and Medibank, statistics reveal that small businesses are also highly susceptible.
In fact, a staggering 43 per cent of data breaches involve small business victims. This highlights the importance of recognising that no company, regardless of its size, is immune to such incidents.
The 2022 Data Breach Investigations Report by Verizon further emphasises the vulnerability of very small businesses. It reveals that these businesses are at a particularly high risk of facing malware, ransomware, brute-force attacks, and social attacks. The report even suggests that a single incident of a data breach can be catastrophic for these small businesses, potentially jeopardising their survival.
According to Raghu Nandakumara, Senior Director and Head of Industry Solutions at Illumio, the persistence of ransomware attacks among small businesses can be attributed to several factors. One key issue is that many small businesses rely solely on traditional prevention and detection toneeded to be were not designed to effectively contain and stop the spread of breaches.
Nandakumara explains that many small businesses continue to rely on traditional prevention and detection tools that were not designed to effectively contain and stop the spread of breaches. He emphasizes that businesses should focus on building resilience against failure through their ability to contain the spread of a ransomware attack, rather than relying solely on outdated tools.
Furthermore, the recovery plans implemented by many small businesses are often inadequate or have not been thoroughly tested. This renders them ineffective when a real incident occurs, leaving businesses with no viable option other than paying the ransom to quickly restore operations and productivity levels.
Ransomware actors are also well aware of the shortcomings of recovery plans and deliberately target organizations and operators of essential services where such deficiencies exist. They do so because they know that these targets are more likely to pay the ransom, increasing their chances of monetary gain.
To address this issue, Nandakumara suggests that a combination of technology and legislation is required. He emphasizes the importance of implementing the right security architecture, including Zero Trust tools such as Zero Trust Segmentation and endpoint detection and response (EDR) solutions, to eliminate the spread of breaches effectively.
Moreover, it is crucial to realise that paying ransom only perpetuates the cycle of attacks. The more profitable an attack is, the more cybercriminals will engage in such activities. Therefore, the eradication of ransomware requires legislation that makes paying ransoms illegal.
When engaging with business owners about their reluctance to implement security systems, there are common sentiments expressed. They often state that their detection and response capabilities or their existing disaster recovery plans are sufficient for protection. However, it is important to emphasise that neither of these solutions provides a foolproof defence against the impact of ransomware.
Nandakumara further emphasizes that paying a ransom goes beyond financial implications and can result in the suspension of business operations and damage to reputation. Paying a ransom goes beyond the financial aspect; it disrupts business operations and can damage a company’s reputation if the attack becomes public knowledge. To drive this message home to those at risk, it is crucial to emphasise that every business is vulnerable to ransomware attacks. Ransomware has become the most common form of cyber attack, so it is no longer a matter of if an organisation will be targeted, but rather when. Adopting an “assume breach” mindset, where the focus is on breach containment rather than prevention, is essential to isolate ransomware at its point of entry.
Furthermore, it is necessary to increase education among IT teams about the evolving nature of ransomware. Cybercriminals employ increasingly sophisticated techniques to evade cybersecurity measures, rendering detection-only systems insufficient. Organizations must implement proactive protection methods to safeguard against these new breeds of attacks.
These findings highlight the critical need for small businesses to prioritize and invest in robust cybersecurity measures. It is essential for them to understand that their size does not make them invulnerable to cyber threats. By implementing effective security protocols, including preventive measures against malware, ransomware, and social attacks, small businesses can significantly reduce their risk and protect their valuable data.
Keep up to date with our stories on LinkedIn, Twitter, Facebook and Instagram.
