Why Small Businesses Need to Watch out for Cyber Attacks

If you’re a small business, the bad news is that you may have to be extra vigilant in protecting yourself against cyber attacks. While we often think that hackers target the biggest companies, research from 2016 found that more than half of small businesses reported being a victim of data breaches in the past year. Below are some reasons why small businesses are bigger targets, and what you can do to protect yourself.

Why You’re At Risk

  • Small Businesses are Usually Under-Prepared

Small businesses generally don’t have the same cybersecurity defense that larger corporations have, which can be explained largely by a lack of awareness, but also because of the cost of security software. According to recent data, 65% of small businesses don’t even have a security policy in place.

  • Small Businesses Often Have Valuable Information

This is not to say that bigger businesses don’t; however, the majority of small business are storing either card data or personal identity information- the most lucrative kind for criminals.

  • Small Businesses are a Gateway to Big Businesses

Small businesses often supply goods and services to corporations, so a hacker can gain entry to a desirable target through a small business.

  • Small Business Owners are More Likely to Pay Ransoms

Ransom-ware attacks like Wannacry happen when hackers encrypt important data and demand a ransom for the data’s return. However, most small businesses do not have the tools to recover data from a ransom-ware attack. Because of this, they’re often forced to pay the ransom.

  • Hackers are Less Likely to Get Caught

Cyber attackers know that small businesses are much less likely to have the technology that provides a forensic footprint, so the chances of them getting caught are slim.

What You Can Do

  • Realize That You’re at Risk

Don’t assume that you’re immune to the threat- you should be constantly monitoring and ensuring that your security tools and practices are up to date.

  •  Develop a Comprehensive Security Policy

There are many avenues through which a data breach can occur, most commonly through web traffic and email. Address every possible security concern by implementing practices such as safe storage of data, secure usage of social media, and using firewalls and anti-virus software. Come up with a response plan in the case of an attack, and verify that you have the right people and technology to stay on top of your security, so you don’t find out about an attack once it’s already too late.

  • NEVER Store Card Data on File- Even if it’s Password Protected.

If you process payments, do not keep a log of customer card info. Instead, use a card processing system that tokenizes customer data so that it is never stored on file, but can still allow for recurring payments. Contact Fidelity for more information on secure card processing options.

  • Educate Employees

Make sure that your employees are aware of relevant security policies and best practices, like those related to internet usage and passwords. They should also know which information needs to be protected and how to do so.

  • Keep All Programs Up to Date

Cyber attacks like Wannacry will sometimes target a hole in software programs. These types of attacks can be avoided by continually updated software.


The most important thing for small business owners to realize is that they are big targets for cyber attackers, but fortunately, there are many tools they can utilize to prevent attacks- many of which are not prohibitively expensive. For more information on anti-fraud and security options, contact Fidelity.