Cybercriminals are taking advantage of the lack of resources available within smaller companies, and are now between 5 and 20 times more likely to be breached than large enterprises, according to new insights from Terbium Labs. This new data comes just over six months after Britain’s government-backed National Cyber Security Centre (NCSC) published a guide to small business online security, with the aim of better protecting themselves against online attacks.
Launched on 11 October 2017, the small business online security guide aimed to help firms make vital improvements to defend against cyberattacks, and educate owners about the need for online protection of company data. However, it seems that this guide is yet to make a real difference to UK small businesses in their aim to better protect themselves against large data breaches.
The guide was created following research, published by the department for digital, culture, media and sport in 2017, which found that nearly 45 per cent of all UK micro businesses had identified a cyber security breach in their operation in the last 12 months. This research also highlighted that, at the time, around a quarter of micro business owners still consider protecting against cyberattacks to be a low priority.
Danny Rogers, CEO at Terbium Labs commented: “Smaller companies make easier targets because they don’t have the resources to effectively defend themselves. Most attacks are automated, so it makes little difference to an attacker if they steal 1,000 personal data records from 100 smaller companies, or if they steal 100,000 personal data records from one company.”
He continued: “Large enterprise enterprises are, for the most part, much better resourced and therefore more difficult to attack, not to mention they are more readily able to investigate and prosecute. Because of this, we see as many as five to twenty times the number of data breaches coming from smaller sized enterprises compared to larger, more notable ones. These breaches get much less attention because the organisations involved draw fewer headlines, but unfortunately the risk to individuals and companies is just as great, if not greater, from these smaller, more numerous breaches.”
Terbium Labs warns that data breaches can be devastating to small businesses in an existential way that they are typically not to larger companies.
Danny commented: “UK small and medium sized businesses just don’t have the volume to absorb a big data breach event, and it can cause so much damage that entire businesses can be destroyed. At the same time, these organisations have far fewer resources, not to mention much more limited data sets, to combat the problem. Currently, they’re sitting ducks.”
Data breaches are inevitable today, but the damage organisations can suffer from them doesn’t have to be. More data was stolen in the first half of 2017 than in the whole of 2016, according to some estimates. The identity fraud community on the unindexed web is growing and sharing knowledge on an ever-expanding scale via handy guides which detail how to target specific types of business and overcome anti-fraud measures. But with the right tools in hand, organisations of all sizes can monitor the web for their compromised or stolen data.
Terbium Labs’ patented Matchlight technology creates one-way data fingerprints of client data with the data that is being collected by its web crawler, enabling companies to automatically search for their sensitive information without revealing it to anyone – not even Terbium.