

Data security is a serious and ever-growing issue for businesses big and small (not to mention the affected consumers). Threats such as data breaches, identity theft and fraud, and large-scale credit card leaks are never far from the latest business news. In recent months, we have seen high-profile data breaches at the following companies:
To put the above Companies in a real-world context beyond the headlines: the Marquard & Bahls attack led to the closure of over 200 gas stations across Germany; the Cash App leak affected a whopping 8.2 million customers; the Crypto.com attack led to stolen money amounting to $33 million, while Ronin’s led to losses of $600 million.
While the above large companies are more capable of weathering these storms, the same is not true of small businesses; Small businesses frequently experience attacks — a phenomenon that experiences underreporting in the news. The consequences can be devastating, with 60 percent of small companies going out of business within six months of falling victim. In addition, 42 percent of small businesses experience at least one cyber attack annually; yet worryingly, nearly 87 percent of small business owners believe they are not at risk from data breaches.
Small businesses face additional hurdles because they often lack the time, resources, and knowledge to protect themselves efficiently. They will also take longer to detect a breach. In their annual survey, Generali Global Assistance (GGA) published the following research:
Following these guidelines will assist in improving security:
As for the signs and symptoms of suspicious activity, small business owners should be aware of the following and know how to identify them:
Strange database activity: This could be new users, changes to permissions, or unusual data growth.
Abuse of account privileges: This includes altered audit information, sharing account access, or unwarranted access to sensitive information.
Unexplained user access changes: Signifies that a hacker is trying to access your network.
Unexplained changes to system files: This includes modifications, replacements, additions, and deletions.
Abnormal network behaviors: These can include unexpected changes in network performance or unexplained scans.
Identity theft affects individuals and businesses alike. In 2020, identity fraud reached $56 billion (USD) in losses. What is most concerning is that, when it happens, victims often have no idea that their identity is compromised — until the respective company/group announces the data breach. At the same time, the theft of an email address or redirected URLs is a favorite tactic of phishing scammers.
A Social Security number (SSN) is the single most significant government-issued identification document American citizens can have. For this reason, it is a highly prized target for criminals involved in data theft. With your SSN, a thief can do several things, from opening bank accounts and credit cards in your name to stealing your money and property. In 2019, the Social Security Administration estimated $7.9 billion in fraudulent payments, which equates to an average cost of identity theft of over $1,000 per citizen.
In severe cases of SSN fraud, it is possible to receive a new number. It is, however, a complex, lengthy, and complicated process. The primary issue is that your new number will have an empty credit history, leaving you and your business on a years-long road to recovery.
In summary, while big companies often hit the headlines regarding data security, small businesses are at even greater risk. It is therefore essential to educate and inform yourself and your employees of potential data threats. Security should be paramount, as well as knowing how to identify risks. Prevention beats the cure — we should act, rather than react — or, to flip an old phrase: the best offense is a good defense.
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, our cybersecurity platform protects 500,000+ organizations and 250+ million individuals across clouds, networks, devices, and endpoints. Trend Micro Initiative for Education
Copyright © 2023 SCORE Association, SCORE.org
Funded, in part, through a Cooperative Agreement with the U.S. Small Business Administration. All opinions, and/or recommendations expressed herein are those of the author(s) and do not necessarily reflect the views of the SBA.