Cyber attacks on small businesses with less than 250 employees have tripled since 2011, according to Symantec’s 2013 Internet Security Threat Report.
The reasons that small businesses are becoming more popular with cyber criminals are as follows:
As compared to larger businesses, smaller businesses have no or limited cyber risk management controls and usually don’t have a dedicated risk manager.
New cyber thieves use small businesses as a training ground to prepare for later attacks on larger businesses. Furthermore, smaller businesses often grow through mergers and acquisitions and are frequently connected to larger businesses.
Taking on small businesses allows cyber criminals to avoid undue media publicity.
Certain smaller companies have intellectual property such as trade secrets that are valuable.
The widespread purchasing of cyber risk policies is starting to pick up steam in the small business community. Many General Liability carriers are now offering Cyber Risk endorsements for as little as $500.
Source: Cyber Liability: Small Business, Big Exposure; Elisabeth Boone; Rough Notes Magazine; August, 2013.