Presented by Verizon

By: Andy Brady, Great Lakes Market President, Verizon

Throughout the month of May, our communities have stepped up to support small businesses in the name of Small Business Month. One angle that isn’t talked about enough is what challenges small business owners face in today’s technology landscape – challenges outside of the simple competition to get customers in their doors. I’m waving a red flag on the greatest financial threat many small business owners can face so that they don’t find themselves waving a white flag towards an anonymous hacker holding their information, locking up their capabilities, or preventing normal operations that impact the bottom line. Small Business Month is a time of great promotion, but also a great time to assess and take our security seriously.

Verizon’s 17th annual Data Breach Investigations Report is now out and it shows how bad actors are utilizing the digital landscape to take advantage of victims. If there’s one statistic every business owner should remember from this year’s report, it’s one that actually comes straight from the FBI – the median loss associated with ransomware and extortion breaches is $46,000. That’s a lot and it’s an amount that can set businesses back years, or create the risk that the doors could close for good.

Analyzing Attacks

The top shift we’re seeing involves attackers exploiting the vulnerabilities of businesses. This targeting almost tripled (180%) from last year. Ransomware is now a threat across the board, with 92% of industries regarded as targets, and extortion is on the rise as well. To be clear, ransomware is the encryption of data to make it inaccessible, while extortion is the direct stealing of data. What’s interesting is that we’re seeing ransomware actors shifting more towards extortion techniques.

While ransomware and extortion can hold your business hostage, so can Denial of Service attacks. These will lock up key functions of your business to prevent you from moving forward. These attacks can’t be overlooked because while we didn’t see as much of a rise, they still make up a majority (55%) of incidents in 2023.

Strengthen Support

It’s important to talk to experts and rely on the relationships you can build with your network, your internet, and all telecommunication products tied to it in running your business. When we talk to business owners, our representatives have a series of questions to make sure they get to know you, how you operate, and what vulnerabilities you may already know exist along with those you don’t know exist.

Any device that’s connected to a network or internet can be at risk, so assessing just how interconnected everything you have can be a great exercise in knowing your risk. Verizon teams know how to evaluate network security to better secure it from hackers and malware attacks.

It’s not just the devices in your stores or anything in your possession. Our employees are more connected today to their jobs than ever before, and that means connections directly to their own phones. Using products like Lookout, which scans for any malicious activity on a phone and even helps prevent phishing attempts, can be a great line of defense. What happens on employee phones, if they’re connected to sensitive information or networks that can access information, plays a big role in your security. Mobile device management, whether you need employees to download these security tools to access programs on their own phone or if it’s a company owned device, is proving to be a critical step that is getting more important.

Enabling Your Team

One of the most significant elements in protecting a business is having every person within informed, enabled, and ready to handle threats as they identify them. The human element was a component in 68% of breaches. Errors alone account for 28% of breaches – that’s a number we’ve underestimated for years.

Here’s the bad news in the human element – cybercriminals are becoming more sophisticated with their attacks becoming more numerous and more varied. Malware attacks increased by 46%. Attackers are shifting their focus towards attacking people rather than specific devices, and are using mobile devices more often to gain access.

We also need to find a balance of trust and checks on our teammates. It’s disappointing, but while external actors accounted for 65% of breaches, this year’s report found a whopping 35% of breaches are from internal actors. A massive increase from last year’s 20%.

We are seeing a decline in breaches involving the human element thanks to security awareness exercises. When businesses we examined ran phishing simulations, 20% of employees reported the email without opening it. 11% opened the email but also reported it. That response is up from previous years. What’s concerning is the median time for users to fall for phishing emails is less than 60 seconds, so when it does happen, it happens quick. It’s very difficult to counteract once the human wall of security is breached. We’re getting better, but the room for growth is very much still there.

If you’re looking for somewhere to seek help in addressing many of these issues – look to your telecommunications provider. The relationship built in supporting businesses with IT infrastructure, working models, and digital transformations that bring about massive changes to efficiencies all need to be handled with care and focus. At Verizon, we work hard to make sure our representatives know what they’re doing in evaluating a business to make it as secure as possible in the face of evolving threats.