Risk management controls are essential
Cyber attacks on small businesses with less than 250 employees have tripled since 2011, according to Symantec’s 2013 Internet Security Threat Report. The reasons that small businesses are becoming more popular with cyber criminals are simple:
Compared to larger businesses, smaller businesses have limited or no cyber risk management controls and usually don’t have a dedicated risk manager.
New cyber thieves use small businesses as a training ground to prepare for later attacks on larger businesses. Furthermore, smaller businesses often grow through mergers and acquisitions and are frequently connected to larger businesses.
Taking on small businesses allows cyber criminals to avoid undue media attention.
Many smaller companies have valuable intellectual property, such as trade secrets.
The purchase of Cyber Risk policies is starting to pick up steam in the small business community. Many General Liability carriers are now offering Cyber Risk endorsements for as little as $500.
Source: Elisabeth Boone, “Cyber Liability: Small Business, Big Exposure,” Rough Notes Magazine, August, 2013.