🛡️ Why you should care about cybersecurity 👀

The first thing I want to address in this newsletter is why you should care about properly locking all your virtual doors and windows. Next time I’ll tell you how to do it.

Most of the time, hackers don’t attack businesses for fun. Sure, many enjoy doing it, but that’s not the point. The point is, almost always - to generate money.

They do it in many ways:

• If you’re storing your customers’ emails, they can sell that database to someone sending spam emails

• If you have a running server somewhere, they can install malware needed for Distributed Denial of Service attacks (DDoS), and then rent that service out

• If you have a website - they can redirect your visitors elsewhere and serve them ads (for which they’ll generate profits!)

• If you’re storing your customers’ sensitive information (full names, postal addresses, phone numbers), they can threaten to release the data online, which could result in a fine from the local data regulator, and ask for money to keep the data private

They’re only limited by their creativity, really.

Large enterprises hold more valuable data, true, but they’re also generally more secure. Imagine a street with many houses - there’s a big villa that probably holds a Rembrandt, a few fancy vases, and a few Ks in cash. But, it also has guards, dogs, cameras, and a high-pitch alarm. Right next to it is a normal, two-bedroom home with the doors practically open.

Who do you think our imaginary criminal will target first? A 65-inch Samsung TV is easier to sell than a Rembrandt, anyway…

Don’t just take my word for it - check out this piece of news that went out this summer: “Cyber extortion sees huge rise — and small businesses are four times more likely to be hit.”

So yeah, if you haven’t been already - you’ll definitely be targeted sooner or later.

“But Sead, who cares if they copy the emails I have on file? It’s not like I’ll lose them,” I hear you say. Oh, you’ll lose them alright. The emails, along with your money, many of your customers, and more.

Risking it all over emails

Here’s what you’re risking:

• The hackers can encrypt your emails, change the passwords for online services, or bar you from accessing your files in other ways, and then ask for money in exchange. If you’re running a newsletter, and don’t remember all your readers’ emails (which I genuinely hope you don’t), your entire business model will be disrupted indefinitely

• People don’t want to do business with hacked companies. Just Google “how to restore trust after cyberattack” and you’ll see what I’m talking about. If you get hacked, and word gets out, your customers will go elsewhere (and if you try to hide it, the government will have a field day with you). Heck, 60% of hacked businesses shut down six months later - guess why?

• In certain jurisdictions (for example, Massachusetts), the law requires businesses to provide free credit monitoring for at least 18 months, to all customers whose Social Security Numbers were stolen. That could mean major expenses (between $100 and $350 per customer).

• To fix a cyberattack, you’ll need to hire third-party experts and that will simply burn through your wallet. For a typical breach at an SMB, total costs for an incident response can range from $10,000 to $100,000 (that includes an investigation, containment, and remediation).

To surmise - you should definitely care about your cybersecurity. You’re not being paranoid for thinking crooks are out to get you - you’re being gullible thinking they’re not. And you could lose a lot - your entire business is at stake. 

That’s it for this week, folks! Next week, I’ll share some of the basic tips on keeping your virtual premises secure.

Until next time!

• Sead from SmallBiz CyberWiz