One of the questions we are frequently asked at Tolar Systems is, “what’s the importance of database security in today’s business environment?” Business owners are sometimes unsure whether such a technical sounding term is an issue for their business.
Database security is important for all businesses large and small. Often people may think that if their business is small they’re unlikely to be subject of a cyber attack, but the truth is hackers don’t care how large your business is, or what industry you’re working in. They are simply looking for vulnerabilities they can exploit. Unfortunately, for many small and medium businesses, lack of knowledge and experience around database security often result in poor security practices that leave you vulnerable to an attack.
What sorts of practices can leave you vulnerable? The list is long but it includes common mistakes such as:
- Sharing or storing passwords in an unsecure manner,
- Failure to install security updates and software patches,
- Lack of routine monitoring of networks and systems,
- Failure to monitor and manage wireless devices using your network.
The importance of database security in today’s business environment is underscored by a series of recent attacks that impacted businesses around the world. Malicious software developed by NSA was leaked to hackers who in early May of 2017 used it to commit one of the largest “ransomware” attacks on record. Companies in more than 100 countries fell victim to the attack, which threatened to erase all company data unless victims complied with the data thieves demands for payment.
Other attacks so far in 2017 have targeted users of Gmail, customers of the restaurant chain Chipotle, customers of the business services firm Dun and Bradstreet, and users of the electronic signature platform Docusign, among many others. The types of attacks range from “phishing” attacks where an email is sent to try to convince users to divulge personal information that could then be used to gain access to email accounts, to more sophisticated attacks that enabled hackers to gain access to payment information, customer lists and other sensitive data.
When an attack like this hits a business, the impact can be devastating. A recent report by the Denver Post indicated that more than 60% of small businesses that are hit by a cyberattack will close their doors within 6 months. This alarming number is attributed to the high cost of cleaning up the damage from a cyber attack, such as paying restitution to customers, loss of business, etc. The average cost to businesses of recovering from these attacks is astronomical. For small businesses, the cost averages more than $690,000; for mid-market companies, the costs may exceed $1M million dollars.
Still wondering about the importance of database security in today’s business environment? Here are a few statistics from 2016 to consider, courtesy of cyber-attack trackers atHackmageddon:
- More than half of all cyber-attacks are directed against individuals and businesses.
- Although they are high value targets, government, healthcare, education and financial services make up less than 30% of attacks, due possibly to better security practices in these industries.
- Retail, restaurants and hotels make up more than 12% of all cyber attacks.
- More than 70% of cyber attacks are criminal in nature, as opposed to espionage, “hacktivism” or warfare related attacks.
Small business database security breaches may not be the subject of headlines, but they’re just as devastating to your business as the big attacks that make news. What’s the importance of database security in today’s business environment? It could be the difference between your business surviving, or being driven out of business by cybercriminals.