Canadian Underwriter

Nearly eight in 10 small business owners in the U.S. don’t have cyberattack response plan, but 63% have had at least one incident: study

November 10, 2015   by Canadian Underwriter

Print this page Share

Nearly eight in ten surveyed small business owners in the United States don’t have a cyberattack response plan, even though 63% of them have been victims of at least one type of cyberattack, according to a study commissioned by Nationwide, a Columbus, Ohio-based diversified insurance and financial services organization.

79% of small business owners have no cyberattack response plan in place

The survey, released on Tuesday, focused on 500 U.S. small business owners with fewer than 300 employees and who have at least a moderate role in employee benefit selection, Nationwide said in a statement. According to the survey, 79% of small business owners have no cyberattack response plan in place. When asked why not, 46% said they feel their current software is secure enough, and 40% said they do not feel their company will be affected by a cyberattack. 

At the same time, 73% are at least “somewhat concerned” with a potential cyberattack affecting their business — especially since 63% of small business owners admit they have been victims of at least one of the following:

• Computer virus (44%);

• Phishing (30%);

• Trojan horse (22%);

• Hacking (16%);

• Data breach (11%);

• Issues due to unpatched software (10%);

• Unauthorized access to customer information (9%); and

• Unauthorized access to company information (8%).

The study also found that perceived ease of recovery contributes to the deprioritization of cybersecurity – virtually all small business owners (95%) are at least somewhat confident that they’ll recover from an attack. In the aftermath of a breach, there’s overall agreement that the actual data breach is quicker to fix (61% say it would take less than three months) than either the financial (45% say less than three months) or reputation/trust (49%) damages. [click image below to enlarge]

63% of small business owners in the United States have been victims of at least one type of cyberattack

Nationwide offers the following 10 tips to help small business owners and their insurance agents create a cybersecurity plan:

• Insurance – Acquire cyber insurance to cover losses in case of a breach or fraud;

• Perimeter – guard the physical perimeter to prevent hackers from accessing sensitive data and the company’s computer network:

• Employees – Educate employees, as they are the company’s first line of defence against cyber criminals;

• Firewall – Activate a firewall to block connections that are used to hack into the system and deliver viruses;

• Software – Install and regularly update spyware, antivirus and malware software to help prevent and detect any of those from affecting computers;

• Passwords – Use stronger passwords of 8-10 characters that include letters, numbers and special characters and change them regularly;

• Network – Secure wifi networks to prevent hackers from accessing servers or using the Internet connection without knowledge;

• Social – Set social network profiles to private and check security secure, and be mindful of information posted online;

• Data – Encrypt the most sensitive data, make a backup and store it in a fireproof safe or off-site; use a dedicated computer for all sensitive information; and

• Vendors – Carefully select online computing services, because any information shared with vendors can be compromised by their system.

Print this page Share

Have your say:

Your email address will not be published. Required fields are marked *