When it comes to cybersecurity, small business owners apparently are not worried about their business being hacked, a new survey found.
In addition, the survey also said 90 percent of small business owners are at least somewhat confident that their business would be able to recover from a hack, should it happen, according to the report from Paychex.
The report found 68 percent of small business owners are not worried about their business being hacked.
Over 70 percent of cyber attacks target small businesses, and the cost of recovery can be enough to permanently force an organization out of business, according to the National Cyber Security Alliance.
“Small businesses are particularly vulnerable because they often possess richer data sets than average consumers, but generally lack the protections most larger businesses have in place,” said Todd Colvin, senior director of data systems and security at Paychex in a post.
While the majority of Paychex’s survey respondents do not fear a cyber attack, some admitted they understand they could fall victim. Ten percent of those surveyed reported having been the victim of a small-scale attack and 9 percent suffered from a large-scale attack such as WannaCry.
It’s not always professional cybercriminals who are the problem. Employees can present a problem also. Of those surveyed, 10 percent said they had discovered an employee inappropriately disclosing confidential business information online, either accidently or purposefully, and 9 percent suspected an employee of doing the same.
“Hiring the right employees who possess similar values from the start can have a positive impact on an organization’s overall security,” Colvin said. “Conducting a thorough background check is a critical component to making the right hire and is a step in the hiring process that should happen no matter what the position.”
Taking basic, yet critical, steps can help reduce the odds cyber thieves break into systems. Here are five cyber security best practices:
1. Don’t cut corners on data protection
2. Protect your systems with strong passwords
3. Train your employees to spot and report malicious emails
4. Set rules for personal device usage
5. Back up your data regularly