What do local car dealers, hospitals and banks all have in common? At first glance, not much. However, all of them have become recent hacker targets. Why now when other, much larger corporate entities have traditionally been targets? One word – resources. Their resources, both network and personnel, are stretched thin. With the increased complexity and length of Distributed Denial-of-Service (DDoS) attacks, it’s a struggle for all organizations, let alone small and medium businesses. The 2016 State of SMB Security Report found that half of the 28 million small businesses surveyed were breached in the past year. Verizon cited, in their 2017 Data Breach report, that 61% of data breach victims were businesses with less than 1,000 employees.
Think about your neighborhood car dealership. It probably has less than 20 employees and the one IT person has to juggle printers, Internet of Things (IoT), website optimization and availability, as well as servers and workstations. Now think about the personal data captured as they sell cars – your full name, address, social security number, bank accounts, and credit scores. All of that data is in a network that probably isn’t considered as high of a priority to maintain as an up-to-date, responsive website. Their priority is to sell cars – not secure data. What would happen if that data fell into the wrong hands?
Now let’s look at your local bank or credit union. Accenture surveyed 275 global banking executives to create a cyber-security report and found that, while the executives were confident in their ability to identify and manage the risk, 36% of the attacks were successful. What does a successful attack mean? They were able to obtain information. The banks surveyed averaged 85 attacks each year. Even scarier, 59% of the banks took several months to detect the breach. That’s a lot of time and 1s & 0s for hackers to access and manipulate. If you’ve applied for a car loan recently, you’ve supplied them with your name, address, social security number, employer, salary, and gross monthly income. Compliance mandates are in place to protect the data but at the rate that new attacks are being generated, how safe is your personal information?
Last but definitely not least – your local doctor’s office. More than likely it’s either a stand-alone practice or part of a regional health provider network. Like other small businesses, the IT staff is minimal and has other priorities. Their job is to support the doctor’s practice by ensuring prescriptions get sent electronically, appointments can be scheduled, payment systems function, and online research can be done. Think about the data flowing through those electronic transfers. Not only would someone have access to your personal information, now they could find out about your medications and what wireless medical devices you use and need.
This is the first post in a series dedicated to these specific industries and how managed security service providers can help them. In a recent webcast with Heavy Reading, we discovered that 60% of attendees polled are currently developing their managed security strategy now. Join the momentum and help protect your customers’ networks from attack.