The Better Business Bureau has released a report that shows half of all small businesses could not stay profitable for more than one month if they lost critical data.
The BBB report,
The State of Small Business Cybersecurity in North America (PDF) (released as part of National Cybersecurity Awareness Month), focuses on cybersecurity effectiveness from three perspectives: a) cybersecurity standards/frameworks; b) best practices; and c) cost-benefit analysis. While somewhat comforting that businesses are using antivirus software and firewalls, just half have a measure in place to educate employees.
"Profitability is the ultimate test of risk," said Bill Fanelli, CISSP, chief security officer for the Council of Better Business Bureaus and one of the authors of the report. "It's alarming to think that half of small businesses could be at that much risk just a short time after a cybersecurity incident."
"Small business owners get it," Fanelli continued. "When we asked them about the most common cybersecurity threats - ransomware, phishing, malware - they know what's out there, and most of them have basic protections in place. For instance, 81 percent use antivirus software and 76 percent have firewalls. But one of the most cost-effective prevention tools, employee education, is used by fewer than half of the companies we surveyed. Other prevention measures scored even lower."