After several difficult months plagued by coronavirus, small business owners across the country are preparing for the day they can finally and permanently reopen their doors.
The pandemic has seriously impacted the health of businesses everywhere, and for most employers, getting back to business cannot come soon enough. But while businesses across the country prepare to welcome back their customers, hackers and cyber criminals are actively infiltrating and exploiting small business databases.
Cyberattacks have skyrocketed worldwide as criminals capitalize on the confusion and anxiety surrounding the coronavirus pandemic. In a recent press release, the Federal Bureau of Investigation characterized the number of online schemes to swindle both businesses and individuals out of money and personal data as “truly breathtaking.”
As the U.S. economy reopens, small business are particularly vulnerable to renewed and increasingly sophisticated cyberattacks. In fact, an estimated 43% of all cyberattacks involve small business victims. Unlike government agencies and large corporations, many small firms don’t believe they are attractive or high-profile enough to be targeted by cyber criminals, and subsequently neglect investing in the cyber protections needed to prevent unauthorized breaches. Hackers know this well and have perfected the practice of accessing, stealing and selling private and proprietary information stored in small businesses’ data systems.
The long-term consequences of falling victim to a cyberattack can be severe for small businesses seeking to regain their footing after the economic fallout of the COVID-19 pandemic. In 2019, a single data breach cost businesses an average of $200,000, and studies show that 60% of small business victims go out of business within six months of experiencing such a breach.
It has perhaps never been more important to develop and implement a strong cybersecurity strategy, and small businesses should take quick and decisive action. Recently, the Cybersecurity and Infrastructure Security Agency, or CISA, published chapters one and two of a six-part series designed to provide business leaders with recommendations and guidance for strengthening and cultivating a culture of “cyber readiness” across their organizations.
Earlier this year, I introduced the bipartisan SECURE Small Business Act to help small business owners access information on data protection best practices and enable them to band together to purchase cybersecurity products at lower prices. By prioritizing cyber strategy and investment, small business owners can foster organization-wide cultures of vigilance and risk-mitigation while instituting policies and procedures to keep data secure. Small businesses should also assess how dependent they are on information technology and the safeguards they have in place to keep their data secure.
After months of lockdown, small businesses now have a unique opportunity to shore up their cyber defenses and protect their employees, customers, and livelihoods from cyberattacks. A strong cybersecurity strategy is no longer a luxury — it is a necessity. And small businesses should adapt to the new cyber landscape as we prepare for the post-COVID era.
Sen. Jim Risch serves as chairman of the Senate Foreign Relations Committee and is a member and former chairman of the Senate Committee on Small Business and Entrepreneurship.