Small business firms play an important role when it comes to the economy, but they are more vulnerable to cyberattacks.
At the time when Elena Graham, co-founder of Canada-based security service CYDEF, started selling cyber security software to smaller firms and businesses, business was relatively slow. However, now the demand is increasing, driven by a sharp rise in remote work that has exposed small businesses to cyberattacks.
Since the start of the year, business at her security firm has tripled reaching an all-time high. "It was a total head-in-the-sand situation. 'It's not going to happen to me. I'm too small.' That was the overwhelming message that I was hearing five years ago. But yes, it is happening." says Elena.
But with the booming security services, one can deduce that small businesses are comparatively at higher risk of being attacked by threat actors, than large businesses, as noted by Barracuda Networks.
The risks were dramatically bolstered by the global pandemic. According to a report by RiskReconm, a Mastercard company that evaluated companies’ cyber-security risk, cyberattacks on small companies surged by more than 150% between 2020-21.
"The pandemic created a whole new set of challenges and small businesses weren't prepared," says Mary Ellen Seale, chief executive of the National Cybersecurity Society, a non-profit that helps small businesses create cyber-security plans.
In March 2020, at the peak of the pandemic, a survey of small businesses by broadcaster CNBC concluded that only 20% planned on investing in cyber-protection.
Working remotely, during the pandemic, meant that more personal devices like smartphones, tablets, and laptops had access to sensitive corporate information.
Lockdown, however, put a strain on budgets, curtailing the amount of money businesses could invest in security. Cybersecurity and costly in-house experts were frequently out of reach. Consequently, the weak cyber-security infrastructure was prone to cyber-attacks.
With just one compromised supplier, cyber criminals could access networks of organizations further up the supply chain. According to Ms. Seale, "Large businesses depend on small businesses[…]They are the lifeblood of the United States, and we need a wake-up call."
Small businesses account for more than 99% of companies in the US and employ nearly half of all Americans, playing a critical role in the global economy. In regard to this, Dr. Kim says they are like the economy's "Achilles heel".
“They may be a small company but what they sell to large businesses could be very important. If they're hacked, [their product] won't be fed into supply chains and everything will be affected," Dr. Kim further adds.