It was a cold February day in Minnesota, the kind that hurts exposed skin. Stopping my car at the mailbox, I grabbed a bundle of letters and catalogs. As I browsed through the mail, I noticed a check from the IRS and got an instant sick feeling to my stomach.
This wasn’t my tax refund because I hadn’t filed my taxes yet. I knew instantly what had happened – I’d been the victim of a data breach.
Steeling myself, I ran through the remaining pile of envelopes and found one from my accounting firm confirming that my information had been stolen. Sadly, this isn’t uncommon, and we now take it for granted when we get a letter informing us that we’ve been the victim of a breach. I’ve lost count how many times it has happened to me.
Small Businesses Under Attack
While the national news talks about large credit card companies and retail firms being the target of cybercrime, small businesses often remain blissfully unaware that they will be or already have been the target of hackers. Many law firms and accounting firms fall into this category and hold critical data that will enable criminals to easily commit tax fraud or identity theft.
While there are more than 28 million small businesses in the US, representing a vast target for these hackers, most don’t have a permanent IT team or anyone on staff with security knowledge. These businesses represent low hanging fruit for attackers interested in making a quick buck and are usually much easier to penetrate than a large national firm with a permanent security team.
Without an IT staff and security expertise, it’s no surprise that these companies don’t often detect a breach right away and such an event can have a massive financial impact. Indeed, as (Read more...)
This is a Security Bloggers Network syndicated blog post authored by Sara Lofgren. Read the original post at: Cylance Blog