It’s not likely that the Russians will launch a cyberattack on a boat dealer. It seems they have a proclivity for interfering in elections. But the truth is that the majority of small businesses like marine dealers are vulnerable cyberattack targets and most — 79 percent — do not have a cybersecurity plan.
So says a recent study by Nationwide Insurance that revealed some surprising facts. For instance, 63 percent of small-business owners admitted they’ve been victims of at least one of the following: computer virus (44 percent), phishing (30 percent), Trojan horse (22 percent), hacking (16 percent), data breach (11 percent), issues because of unpatched software (10 percent), unauthorized access to customer information (9 percent) and unauthorized access to company information (8 percent). Even so, an unexpected 40 percent of survey respondents said they didn’t think they will suffer any attack.
Adding to this, last September the U.S. Securities and Exchange Commission reported that cybersecurity incidents against small- and medium-sized businesses rose from 48 percent to 60 percent. The reason: cyber thieves know large businesses are hiring security experts and are harder to hack. So they’re targeting more-vulnerable small businesses with weaker security and point-of-sale terminals.
The average cost of dealing with a cybersecurity incident is rising fast, too. It’s up from $8,699 just two years ago to $20,752 per attack now, according to the National Small Business Association. And how long does it take for a small business to recover from an attack? Longer than most small business owners think. Of those surveyed, 53 percent who had not yet been attacked believed the recovery would take less than a month. The truth, however, is that it could require a year or more.
To emphasize the need for dealers to take a potential attack seriously, it should be noted that Jane LeClair, chief operating officer of the National Cybersecurity Institute at Excelsior College, recently testified before Congress that “often, small businesses don’t even know they have been attacked until it is too late.” Further, she estimated that 60 percent of small businesses that fall victim to a serious cyberattack go out of business.
So what can a dealer do? For openers, here are four good tips, based on information from U.S. government sites, recommended by Mark Berven, president and COO of Nationwide Property & Casualty, and reported in “Casualproperty360eNews”:
Limit physical access: Guard your physical perimeter to prevent cybercriminals from accessing sensitive data and your computer network. Know who has access to your data and network. Reduce that number when feasible. Find out what’s being shared and if any hardware (such as laptops and USB sticks) is leaving the dealership, where and why.
Train employees: Employees are your dealership's first line of defense against cyber criminals. Train your staff. Discuss and test commonly used social media tactics, such as fraudulent computer offers and links. Be very careful selecting online computing services because information you share can be compromised by their systems. Set social network profiles to private and check security settings. And be mindful of what information you post online.
Strengthen passwords, secure Wi-Fi and run anti-virus software: Use passwords of eight to 10 characters that include letters, numbers and special characters. Change passwords regularly. Evaluate the feasibility of encrypting your most sensitive data, making a backup and storing it in a fireproof safe or off site. Use a dedicated computer for all sensitive information. Secure your Wi-Fi networks to prevent hackers from accessing your servers. Install and regularly update spyware, anti-virus and anti-malware software. Activate your computer network firewall to block connections used to hack into your system and deliver viruses, and set employee-permission levels for downloads.
Examine your potential for any liability: Look over any existing coverage or the need for cyber insurance to cover losses in case of a breach or fraud. Seven more free tips and resources for small-business owners can be found by visiting Nationwide research.