Oct 15 2019

Surely, you don’t mean me…

Yes, I do – and stop calling me Shirley.

For the past few weeks, I’ve been on the phone (at least twice a day) with a business owner and the recovery team working frantically to restore services after a particularly virulent ransomware attack. We’re only now moving into forensic mode – determining what happened – after a difficult and arduous restoration process. Not only were the recent backups encrypted, the old backups were corrupted. Ugh.

I’ve had similar engagement with owners at a rate of approximately once per month. And I’m just one cyber professional… I’m sure my colleagues in the industry are fielding similar calls at an equal or greater rate.

Some statistics from a recent CNBC article:

  • According to Accenture, 43% of cyber attacks are aimed at small businesses, but only 14% are prepared to defend themselves.
  • These incidents now cost small businesses $200,000 on average, reveals insurance carrier Hiscox, with 60% of them going out of business within six months of being victimized.
  • More than half of all small businesses suffered a breach within the last year.

This quote floored me:

“At the same time, though, according to Keeper’s Security 2019 SMB Cyberthreat Study, 66% of senior decision-makers at small businesses still believe they’re unlikely to be targeted by online criminals. Similarly, 6 in 10 have no digital defense plan in place whatsoever, underscoring the need for heightened industry awareness and education across the board.”

If you’re a business owner, I implore you – please call a cybersecurity professional to discuss your digital defense plan. You can include your IT professional or managed service provider, but you need to have this conversation with a specialist. Surely, this means you.