2020 Just Got Spookier: 3 Cybersecurity Statistics for Small Businesses
Ransomware is something that we’ve blogged about on numerous occasions. If you’re unfamiliar with it, it’s a form of malicious software designed to block access to a computer system or data, often by encrypting data or programs on information technology systems to extort ransom payments from victims in exchange for decrypting the information and restoring victims’ access to their systems or data.
$100,000
The average amount small businesses are expected to lose over ransomware incidents in 2020.
Why it’s Spooky
Hackers know that small businesses, local government agencies, hospitals, and school districts are more vulnerable due to lack of resources to invest in cybersecurity protection so they take advantage of this.
43%
The percentage of small businesses who have or will experience a security breach in 2020.
Why it’s Spooky
There are nearly 31.7 million small businesses in the US alone. By this metric, over 13 million small businesses will have endured a security breach in 2020, adding to the nightmare of 2020 for small business owners.
3.5 Million
The number of unfilled cybersecurity jobs predicted by 2021.
Why it’s Spooky
This tells us that the candidates who are applying for these positions are unqualified and not nearly as skilled as the malicious actors they’d be in cyber combat with.
Bonus Spooky Statistic
If those statistics weren’t quite spooky enough for you, the increase in ransomware attacks against small businesses since the COVID pandemic began caused the Department of the Treasury to issue an advisory associated with making ransomware payments related to cybercriminal activity.
The Dept. of Treasury released an advisory associated with making ransomware payments related to cybercriminal activity.
Here are some highlights:
- Ransomware attacks have increased during the pandemic, as malicious actors target computer systems used for conducting business at home with less cybersecurity. Businesses who are victims of ransomware attacks should be aware that they are at risk of violating U.S. sanctions if they engage transactions with malicious cyber actors, even if they believe that paying is the only way to get their data back.
- Even though the impact of a ransomware attack on a business can be severe, the government does not consider economic coercion or catastrophic financial consequences to excuse violations of these laws.
Takeaway Thought
Every position (IT or not) is also a cybersecurity position now. Employees are the first line of defense, so it’s important to educate and train them as such.
If you’d like to speak with us about cybersecurity training for employees, please contact us here.