Why Are SMBs Targets For Hackers?


Small to medium-sized businesses, or SMBs, are at the most risk for hacks. If your business has fewer than 1000 employees, there’s a good chance that you’re at risk. Let’s explore why and how hackers target SMBs and how to tighten up your enterprise to avoid a breach.

What Makes SMBs At Risk For Hacking

One of the main reasons small to medium businesses are at risk for hacking is a lack of understanding. As an example, a recent survey showed that 87% of SMB owners don’t believe they are at risk. This is probably why 33% of SMBs have no preventative measures in place. More alarming, though, are these two facts. First, ⅔ of SMB owners aren’t worried about hackers, cyber criminals or employees stealing their data. Furthermore, ½ of SMB owners think a hack would have no effect on their business. These false perceptions make it easy for SMBs to devote fewer resources to IT which has made them the favorite target of cyber criminals. smb1.jpg

The Scary Stats About SMB Data Hacks

The same research by Manta found :

  • 62% of victims of data theft are small to medium-sized business.
  • 73% of SMBs have already experienced a cyberattack.
  • 90% of data breaches are traced back to SMBs.

In addition to the high risk and actual breaches, the stat that should be most concerning to SMBs is 60% of breached small to medium-sized businesses shutter within 6 months of the event.

What is it that makes SMBs so vulnerable? A lack of resources. Smaller enterprises generally do not have IT support and instead rely on a few “tech savvy” employees to help with things like difficulty connecting to a printer. These companies also often don’t have proper safeguards in place.

  • Nearly 90% of SMBs do not have a security policy. In addition, 83% don’t have a way to monitor regular password changes.
  • Nearly 60% don’t have a response plan outlining what to do in the event of a breach.
  • Half of SMB employees use easily hacked passwords.

Practices To Implement As An SMB

There are simple, in-house measures small to medium-sized business owners and managers can take to protect themselves from vulnerability.

Train Staff

Knowledge is power, so arm your staff with information to help reduce our risk. Writing a policy takes time, and is necessary but start with informational training and letting staff know that a policy will soon be in place.

  • Educate staff on the importance of strong passwords. Suggest using a password generator instead of common passwords which are easily hacked.
  • Teach them to spot compromised emails. Phishing scams are significantly more sophisticated than when they started. Make sure that staff is trained on which emails to delete.

Stay Up To Date

Never ignore patches. These updates keep your network protected. Just one unprotected computer puts your entire network at risk.

Develop Policy

Your SMB must have a technology policy in place that covers everything from BYOD to changing passwords regularly. Educating and holding staff accountable will reduce your risk and save you time and money in the long run.

Partner With Pros

CRA offers a cost-effective solution for SMBs. Traditionally, SMBs have forgone effective IT for financial reasons. Instead of employing an IT department, learn how CRA can help you. We partner with firms to offer scalable IT services that pinpoint your exact needs and keep your data and network secure.