Cyber security is an ongoing challenge for businesses, and the global pandemic has heightened it.
Certainly, our research in this area backs this up. This year the Verizon Data Breach Investigations Report examined more breaches than ever before, with a record 83 contributors, demonstrating how the most common forms of cyber attack affected the international security landscape during the global pandemic. Our team of security experts analysed over 29,207 security incidents, of which 5,258 were confirmed breaches (a significant increase on the 3,950 breaches analysed in last year’s report). Not surprisingly, the conclusion is that, regardless of size or industry, organisations will always face a risk of cyber attack.
Many small to medium businesses, across a variety of sectors including professional services, were forced to work remotely at the peak of the pandemic and have been slow to return to the office. This increases the risk of attack by cyber criminals, specifically through ransomware and phishing.
As cyber attackers get smarter, our response needs to keep pace.
Data breach gap between SMBs and larger organisations lessened
The smaller the business the lesser the risk of cyber attacks, right? Wrong. This is not just an issue for global corporate companies — no business is too small for cyber attackers to know about or come into contact with.
In last year’s DBIR report, small and medium businesses accounted for less than half the number of breaches of large enterprises. However, in this year’s 2021 report, the gap has significantly decreased, with 307 breaches in large organisations and 263 breaches in small organisations, placing SMBs in the same bracket of risk. It is worth noting that it’s not always a direct attack: attacks within the larger supply chain may also have a devastating effect on smaller businesses.
The DBIR report has found that large enterprises have improved their response, finding breaches within “days or less” in 55% of cases, with smaller businesses falling slightly behind at 47%. This is a small gap, but a gap nonetheless. With the same cyber risk level, smaller organisations can no longer turn a blind eye to security measures; they need to have robust cyber security systems in place to protect their business against any threats or attacks. And breaches can come at a price. In our analysis of the impact of a breach on businesses, we found that the median for incidents with an impact was $21,659, with 95% of incidents falling between $826 and $653,587. That is a large amount for any business to pay out, especially during the heightened business pressures of the pandemic, and it may significantly hinder their business recovery. Of note, the Australian Strategic Policy Institute recently released a report on the global rise of ransomware, noting that, “Not only are Australian organisations viewed as lucrative targets due to their often low cybersecurity posture, but they’re also seen as soft targets.”
Key takeaways from DBIR 2021: Phishing and ransomware
Phishing is growing: it was present in 36% of the breaches in the DBIR dataset, as opposed to 25% last year, an increase of 11%, but many businesses simply don’t know what it is, or how to detect it. Since the report launched 14 years ago, the DBIR has consistently reported around a 25% year on year increase in phishing attacks, and it has remained one of the top action varieties in breaches for the last two years.
Ransomware is also on the rise and appears in 10% of breaches, which is double the frequency from last year. The majority of businesses are forced to decide whether or not to pay the ransom. That has not been seen before. This is not a matter of whether the business pays, or whether the attackers will leak the data. The tone has changed and organisations are in a difficult position to make that decision, so having a plan for how to react to a ransomware attack is very important.
Preparing for the unpredictable
You can never be too prepared when it comes to cyber security. Having a cyber security plan in place is a business imperative, and having the right systems in place is a key part of becoming threat ready. Cloud computing security is crucial to diminish cyber attacks and prevent financial and reputational downfall. As well as this, implementing multi-factor authentication on sensitive business documents will be essential to prevent potential theft of credentials.
Everyone who has touch points with the business should be aware of what they need to be doing to prevent any potential attack or breach. There will always be human errors that come into the mix, with the DBIR reporting that 85% of breaches involved a human element. It is unlikely these errors will ever completely disappear; however, with the right education and training for all members of staff, stakeholders and customers on the direct and indirect cyber risks, this figure should decrease significantly.
What is next for small and medium businesses?
While the pandemic has heightened and highlighted the risk of cyber attacks, they are not a new phenomenon. Data breaches and cyber attacks are, and always will be, daunting, but being prepared to handle these efficiently while having the correct protocols in place to prevent attacks will place businesses in a good position.
It is clear from the Data Breach Investigations Report that being an SMB does not, by virtue of size, rule out being a target for cyber criminals. As small businesses grow and develop, so do cyber criminals; however, with strong security systems in play and effective employee management, business managers can be confident they have undertaken the right cyber preparation to prevent attacks and minimise business risks.