How Your SMB Can Beat Ransomware

Small businesses are incredibly important for the community, but there can be no denying that cyberthreats disproportionately impact SMBs. This is especially true for ransomware, one of the worst threats out there, that has the potential to end unprepared businesses. Ransomware locks down access to your computer systems and encrypts files, demanding a ransom in exchange for restored access. What makes small businesses such ideal targets, and what can you do about it?

Why Ransomware Targets Small Businesses

SMBs tend to think of themselves as smaller targets for ransomware and other cyberthreats, but this is far from the truth, and they could even be considered the prime target.

Due to SMBs’ limited access to expertise and IT resources compared to larger organizations, it’s often more difficult for small businesses to protect themselves from threats. What’s worse, just about any data stolen from these businesses has the potential to make the cybercriminal money, whether it’s someone’s login credentials or an entire organization’s financial information. The numbers don’t lie here, either—46 percent of all cyberbreaches impact businesses with fewer than 1,000 employees, and over 75 percent of ransomware attacks targeted companies of this size.

Worse yet, around one-third of companies targeted by ransomware attacks had fewer than 100 employees—definitely a reason to be nervous.

More Than a Ransom Is at Stake

The average ransom for small businesses is around $6,000, but the actual costs are significantly greater than that.

Downtime and lost productivity, for example, can seriously disrupt your organization as it attempts to get back on its feet following a ransomware attack. It’s reported that around half of small businesses take up to 24 hours or longer to recover from a ransomware attack, with some indicating that their web portals are inaccessible for anywhere between 8-and-24 hours. This naturally leads to a decrease in consumer trust, which can impact the amount of sales, clients, or customers you can land both in the wake of the attack and in the future.

And then there’s the actual monetary costs of fixing the problem, which are considerable. You have to hire specialists to identify and remove the ransomware, restore your systems, and strengthen your defenses, which puts strain on an already stretched budget. Furthermore, you could face fines due to non-compliance with data protection laws and lawsuits from affected customers. The fact of the matter is that most businesses—75 percent, in fact—cannot continue operating following a hit by ransomware.

Have we convinced you to take this seriously yet? Here are some actions you can take today to combat the threat of ransomware:

• Take regular data backups - Be sure to follow the 3-2-1 rule: three copies of your data, on two different media, with one copy off-site. Don’t forget to test these backups so you know they work.
• Have an update schedule in place - Security updates are mandatory if you want to limit your potential to vulnerabilities, so make sure you treat them as such—and implement automatic updates when and where you can.
• Train your team on cybersecurity practices - Your employees are on the frontlines, so make sure they’re prepared to identify and respond to potential threats with best practices and policies that reduce your company’s risk.
• Have a comprehensive response plan in place - You might want to hope for the best, but you should expect the worst. It’s better to have a plan and never use it than to not have a plan at all.

Preferred can help you address all of the above. To learn more about what we can do to protect your business from looming cybersecurity threats, contact us at 708-781-7110 today.