To say cybersecurity is a top-level concern for small businesses is an understatement.

     Here are some statistics that are sobering:

• 46 percent of all cyber breaches impact businesses with fewer than 1,000 employees.
• 61 percent of small businesses were the target of a cyberattack in 2021.
• At 18 percent, malware is the most common type of cyberattack aimed at small businesses.
• 37 percent of companies hit by ransomeware had fewer than 100 employees.
• Employees of small businesses experience 350 percent more social engineering attacks than those at larger enterprises.

     The result of these attacks is costly to small businesses:

• 55% of people in the U.S. would be less likely to continue doing business with companies that are breached.
• 95% of cybersecurity incidents at SMBs cost between $826 and $653,587.
• In 2020 alone, there were over 700,000 attacks against small businesses, totaling $2.8 billion in damages.
• 75% of SMBs could not continue operating if they were hit with ransomware.

     Not all small business owners understand what is at stake:

• Just 17% of small businesses have cyber insurance.
• 47% of businesses with fewer than 50 employees have no cybersecurity budget.
• 51% of small businesses have no cybersecurity measures in place at all.
• 36% of small businesses are “not at all concerned” about cyberattacks.

     So, what is an owner supposed to do in the new world of cyberattacks? Take the time to research, learn, and get prepared.

     For instance, the Small Business Administration (sba.gov) offers basic information about a litany of business-related topics and issues. It is a great place to start learning terms and concepts.

       According to the SBA, cybersecurity matters because “small businesses are especially attractive targets because they have information that cybercriminals (bad actors, foreign governments, etc.) want, and they typically lack the security infrastructure of larger businesses to adequately protect their digital systems for storing, accessing, and disseminating data and information.”

     Here are a few basic cyber security terms.

     Malware (malicious software) is an umbrella term that refers to software intentionally designed to cause damage to a computer, server, or computer network. Malware can include viruses and ransomware.

     Viruses are harmful programs intended to spread from computers to other connected devices like a disease. Cyber criminals use viruses to gain access to your systems and to cause significant and sometimes unrepairable issues.

     Ransomware is a specific type of malware that infects and restricts access to a computer until some sort of ransom is provided. Ransomware will commonly encrypt data on the victim's device and demand money in return for a promise to restore the data. Ransomware exploits unpatched vulnerabilities in software and is usually delivered through phishing emails.

     Spyware is a form of malware that is designed to gather information from a target, and then send it to another entity without consent. There are types of spyware that are legitimate, legal, and operate for commercial purposes such as advertising data collected by social media platforms, however malicious spyware is used frequently to steal information and send it to other parties.

     Phishing is a type of cyberattack that uses email or a malicious website to infect your computer or system with malware or to collect sensitive information. Phishing emails appear as though they have been sent from a legitimate organization or known individual. These emails often entice users to click on a link or open an attachment containing malicious code. Be very cautious about opening links from unknown sources. If something seems suspicious from a known source, do not just click on it - ask the source directly if it it is legitimate.

Eric Cormier is Senior Vice President of entrepreneurship and Strategic Initiatives at the Southwest Louisiana Economic Development Alliance/Chamber SWLA and Business Incubator. He can be contacted at 337-433-0977 at Extension 2221 or at ecormier@allianceswla.org.