In recent years, SMEs have become a new target for cyber security criminals. This is due to a number of factors including the migration of data to the cloud, the use of cloud controlled POS systems, and increased connectivity. As SMEs are often unprepared for a cyber-attack, this also makes them an easy target and puts them in a more vulnerable position than large corporations.
The infographic by OBF below outlines some of the top threats for SMEs in 2017 including; Internal threats, mass malware increases and Internet of Things (IoT) hacking.
What are the Top 3 cyber threats?
Internal threats are an easy way for cyber criminals to operate. In most cases this happens when an employee has their credentials compromised, usually by human error. Even with the most secure policies this is a difficult risk to manage. The University of Erlangen-Nuremberg presented results from a study on phishing at the Black Hat security conference last year which discovered that when tested, 45% of participants clicked an unknown link despite 78% of participants claiming to be aware of the risks.
Malware, or malicious software is designed to affect the impact of the user experience on a computer or device. The main end goal with malware is to target credit card data. It can also be used to target and corrupt files and systems. While credit cards were traditionally targeted online, the POS systems are now becoming a popular target. Internet security has tightened, while the 60% of POS sales which use credit cards are a new target.
IoT is automating the way we live, with everything from smartphones to refrigerators to alarm systems connected via the internet. These connected devices pose a risk as they are easy to overload and shut down. A study by HP found that 70% of Internet of Things Devices are vulnerable to hacking or compromise.
The average data breach exceeds €3 million globally with DDoS attacks costing an average of €400,000. Cyber insurance is a growing field, with many major specialist insurers offering this. If you are using connected technologies or manage, process or store personal or financial information for customers, this risk management strategy may be worth investigating.