Small businesses new target of cyber attacks

CEBU, Philippines -  Very small businesses or VSBs are told to be vigilant against cyber attacks  as they are now the target of cybercriminals.

Small businesses are “soft targets” of cybercriminals since they lack focus on information technology strategy, Kaspersky Lab said in a statement.

Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. Headquartered in Moscow, Russia, the 16-year-old company is ranked among the world’s top four vendors of security solutions for endpoint users.

Based on the Kaspersky Lab 2014 IT Security Risks summary report, VSBs with fewer than 25 employees are the least likely to view “IT Strategy” as a top strategic concern.

Among all the VSBs worldwide, only 19 percent reported IT Strategy as one of their top-two strategic concerns, compared to 30 percent of businesses with more than 100 employees, and 35 percent of enterprises with 5,000 employees or more.

Kaspersky Lab noted that the insights on VSBs and their vulnerability to cybercrimes have huge implications to a country like the Philippines, where almost all businesses are micro or small enterprises.

Kaspersky Lab believes that VSBs, which are often startups struggling to establish themselves, most often don’t have the money or IT expertise to properly implement vital IT components like security software.

“Every successful business needs an efficient IT strategy. Unfortunately, VSBs are not capable to correctly implement IT elements such as security software because they may lack the expertise or financial resources,” said Jimmy Fong, Channel Sales Director of Kaspersky Lab Southeast Asia.

Citing estimates by the International Data Corporation, Kaspersky Lab also revealed that 80 million businesses worldwide with fewer than 10 employees believe that they are too small to be targeted by cybercriminals.

However, the reality is that many VSBs adopt the “security by obscurity” mentality, believing that they are too small to be targeted by cybercriminals and don’t have any data that cybercriminals would want.

According to the Verizon’s 2013 Data Breach Investigations Report, 193 of the 621 breaches analyzed – more than 30 percent – occurred at companies with 100 or fewer employees.

Kaspersky Lab warned that cybercriminals will also need less effort to successfully attack numerous VSBs instead of a single larger business. And unlike larger enterprises with sufficient funds to recover from a cyber attack, small businesses may be driven to bankruptcy due to costs of lost customer data, significant time spent offline, and associated clean-up expenses.

“Small businessmen must realize that they are also attractive targets for cyber attacks because they may not have a proper anti-malware strategy or layered protection and they hold crucial financial and customer data,” Fong said.

Based on 2012 government figures, there are 944,897 business enterprises operating in the Philippines. Of these, 89.78 percent (844,764) are micro enterprises (one to nine employees) while 9.78 percent (92,027) are small enterprises (10 to 99 employees).

“Statistics show that micro and small businesses form virtually the entire Philippine economy. Just imagine the economic impact if a significant number of these enterprises are affected by cyber attacks,” Fong said.

The issue of cyber security among small businesses is also timely for the Philippines with the recent enactment into law of the “Go Negosyo Act,” a legislation that will give a major boost to the development of micro and small enterprises by helping entrepreneurs to register and start  their businesses, as well as gain access to sources of financing.

According to the Kaspersky Lab report, 32 percent of VSB survey respondents that lost business data from a cyber attack reported “Malware” as the cause of their most serious incident.

Because of these factors, Kaspersky Lab is recommending its Kaspersky Small Office Security as an investment that micro and small Philippine businesses should consider. It is built to include business-grade technologies in a form that doesn’t require IT expertise to operate. (FREEMAN)

Show comments