Hill Tech Solutions Again Ranked Among Maryland Most Elite Managed Service Providers in 2021! See Details

One mindset we encounter often in our discussions with business owners is this: “Hackers aren’t interested in my business. We’re too small.”

Well, maybe and maybe not. Small businesses presumably have fewer clients and fewer financial resources, so from that point of view it makes sense for hackers to target bigger enterprises. Why focus on Mom & Pop when you can go after the big bucks?

But flip that around for a second and understand that ‘fewer financial resources’ often translates to ‘soft target’ in cybersecurity terms. The small business probably will not have access to some of the security tools available to larger organizations.

In our experience, the bottom line is this: If you have employees and those employees use email, you’re a target. Let’s walk through some statistics (based on research conducted by ZDNet.com):

269 billion emails are sent every day. One in every 2,000 of those is a phishing attempt.  We’ll do the math for you: That’s 135 million daily phishing emails.

135 million. Every. Day.

Still feeling safe?

The “we’re too small” mindset fails to take this into account: Hackers don’t know whether there’s anything valuable to be had from your network until after they penetrate. Up to that point, they’re just looking for the path of least resistance, as all criminals do. That’s why about half of all ransomware attacks do, in fact, target small businesses.

See, it doesn’t really matter whether your systems contain anything of value to hackers … it’s of value to you, so they can just lock you out and demand ransom to let you continue running your business. Or they can use that access to send an email that looks just like it’s from you, requesting that clients pay their invoices via a new link (spoiler alert: you’ll never see that money, and you can’t bill for it again).

So, back to our ‘ifs:’ If you have employees and those employees use email (in other words, if you’re like 99.99999% of all businesses), they need to be trained to spot those phishing attempts. Your company hangs in the balance, and that’s no exaggeration.