Throughout the Covid-19 pandemic, businesses have dealt with many unprecedented challenges. A surge in e-commerce, pivot to a remote workforce, and rapidly accelerated digital transformation have exposed new vulnerabilities that hackers can exploit. As a result, cyberattacks across the globe grew 400 percent in 2019 and 2020 combined. Small businesses, in particular, often don’t have the resources to invest in protecting their data and assets online.
“43% of recent cyber attacks directly target small businesses,” explained Ibrahim Alhussain, Director of the Mt. Hood Small Business Development Center. “These attacks lead to massive losses in money, assets, and reputation. According to published studies by Small Business Trends in 2020, 60% of SMBs victimized by an attack were forced to close their doors within six months.”
To address these challenges, Technology Association of Oregon (TAO) partnered with the Oregon Small Business Development Center (SBDC), Mount Hood Community College, and Mastercard to offer a series of educational webinars about protecting your business online. The goal of the series was to enable small business owners to learn the fundamentals of cybercrime and equip them with the knowledge to do business online safely and securely.
“We know how crucial basic cybersecurity knowledge is for small businesses,” said Cara Turano, Chief Operations Officer at TAO. “Understanding the day-to-day risks empowers business owners to protect themselves and their customers.”
To help series participants expand their cybersecurity knowledge, members of Mastercard’s Cyber Intelligence & Solutions team started by providing an
overview of cybercrime, who cyber criminals are, and how they use the dark web to commit crime.
“Common cybercrime campaigns involve breaking into your digital business, stealing your data, and then going after your customers by sending them phishing emails to get their personal information,” Rebecca Ledingham, Global VP of Cybersecurity at Mastercard, explained to webinar participants. “This is obviously not good for you, it’s not good for the business environment, and it’s not good for the consumer.”
One crucial component of cybersecurity for business owners is third-party risk. It’s easy to think that an online business operates independently. But any company that accepts credit card payment data has to connect to a service provider that has access to its digital environment and therefore does not function in isolation. In fact, the typical organization has 22 internet-facing assets.
“It could be a hosting provider, your social media provider, even your internet of things. You might have a CCTV camera or smart printer that’s all on the same network as your business,” says Ledingham. “You are connecting to other people, and you don’t own their infrastructure, security, and how they protect your business from being made vulnerable by their business.”
Due to the high demand for this series’s practical advice, TAO and the Oregon SBDC plan to run more cybersecurity programming in 2022.
“Small businesses are the backbone of the local and national economy and a means of livelihood for many in the community,” Alhussain said. “Safeguarding assets and those of the people that work for a small business is a paramount concern.”
Cybersecurity Knowledge is Critical for Small Businesses