A recent study reported that small businesses are cybercriminals’ favourite target for two reasons: they have a lot worth stealing-such as bank-account information, customer data and intellectual property-and they often lack adequate security practices and infrastructure.
Cybercriminals have another incentive to go after small businesses: to get at bigger companies that they have relationships with. A cybercriminal will first compromise the website of a small company that has weak security and is a supplier to a larger company. Then once the larger company visits the smaller companies compromised website, the site will silently install a targeted attack payload on the larger companies
computer, which then breaches their network.
The Manufacturing sector has moved to the top of the list of Industries targeted. This is due to an increase in attacks targeting the supply chain, because contrators and subcontractors often possess valuable informtaion but have weak defences.
To protect your small business you can do the following:
1. assume you are a target
2. Educate your employees about the value of data and how to protect it.
3. Use data loss protection software on your network and encrypt your data to protect in transit, whether online or via removable storage.
4. Regularly update firewalls, antivirus and Web security solutions across your computer network.