An increasing number of US executives expressed concern about the prevalence of threats from foreign powers.
How SMEs and startups can reduce the impact of cyber attacks
Mayer Brown cyber security and data privacy lawyer Stephen Lilley explains why SMEs and startups are particularly vulnerable to cyber attacks and data breaches.
Cyber security company AppRiver has released its Q4 Cyberthreat Index for Business Survey, focusing on the threats small and medium-sized businesses (SMEs) face in their transition to 2020.
The survey contains the opinions of more than 1,000 cyber security officers who work at SMEs in the United States. According to the survey, 93% of all executives think that nation states outside the country intend to digitally attack security or “invade cyberspace with companies such as theirs as access points”.
The AppRiver survey showed that the figure rose to a whopping 97% for larger SMEs, and two-thirds of respondents said the threats would increase in 2020. Executives involved in government, healthcare, pharmaceuticals, technology, telecom, transportation and logistics were most likely concerned about cyber attacks by foreign powers.
To control this threat, more than 60% of respondents said they intended to increase cyber security budgets by 2020.
SEE: Special report: a winning strategy for cyber security (free PDF) (TechRepublic Premium)
“It seems unusual for small and medium-sized companies to be concerned about foreign powers, but with the 2020 elections they have legitimate reasons to worry about vulnerable access points for external entities,” said Troy Gill, senior cyber security analyst at AppRiver.
“The silver lining is that they are actively planning to improve their security with new technology and better training for employees, which together form a powerful combination.”
The survey found that nearly 90% of all executives at companies with fewer than 150 employees said that cyber threats were “top-quality concerns for their company”. The figure rose to 93% for companies with a maximum of 250 employees.
One of the most alarming aspects of the report was the growing prevalence of cyber threats for even small businesses. More than 75% of executives at small businesses and 80% of them are medium-sized businesses, AppRiver researchers said cyber threats now had a noticeable effect on their industry, the highest figures recorded this year.
“In 2019 we saw cyber attacks on our government drip down from large agencies to smaller local municipalities and schools,” said Dave Wagner, CEO of Zix, who owns AppRiver.
“That follows the pattern we’ve seen in business, where attacks have been extended from large companies to small and medium-sized companies. Although these attacks can come from anywhere, survey data shows that SMEs believe that foreign actors and even national states may addressed them as a first step toward access to larger companies or government agencies, “he added.
Companies were surprisingly candid in the survey about their ability to resist an attack. More than 70% of respondents told AppRiver that a cyber attack would harm their company and another 22% said their company would not even survive an attack. That number increases to 30% for companies with a maximum of 250 employees.
The companies that were most afraid of not surviving an attack by cyber criminals were in industries such as education, financial services, insurance, technology and telecommunications.
The survey also notes that the holiday season is particularly worrying for security officials because most employees shop from their work equipment or computers, open businesses to a whole range of cyber threats from fake ads, or dubious deals.
More than 80% of respondents from companies of all sizes said they knew that many of their employees would shop online at work. That number rose to 90% for large companies.
“The latest research results show that as companies become more dependent on technology – with more planning accepting AI – and as global boundaries fade into cyberspace, increased cyber threats are expected to become a reality for all companies, regardless of size or industry,” concluded AppRiver researchers in the survey.
“It is possible that as a small business grows, it becomes a more likely target for bad actors. It is also possible that small businesses with cloud-based services with built-in security and fewer employees have fewer vulnerable access points, such as this year’s growing attacks on local municipalities, schools and small hospitals have demonstrated that smaller organizations can no longer count on flying under the radar and are being ignored by cyber criminals. ”
Cyber Security Insider Newsletter
Strengthen the IT security of your organization by staying up to date with the latest news, solutions and best practices for cyber security.
Delivered on Tuesday and Thursday