But I'm a small business...it won't happen to me!
Scott Johnson 02/08/2023
1 Minutes

As a cyber security organization, we spend a ton of time analyzing where the bad guys will hit next. Occasionally, we find trends that can steer us in a certain direction. For the most part, the bad guys seem to just follow the money - but, not always.

For the purpose of this blog, let's define a small and medium business as a company with an employee count of less than 250. Cybercriminals are more frequently targeting smaller businesses because of the lack of security resources they can afford. Did you know that on average, 1/5 of your IT budget should go to IT security?  What does that translate to in your business? This can become out of balance as overall IT budgets are carved up.

Although they are mostly money driven, we are also finding cybercriminals target small critical businesses that have a huge effect on supply chain. Instead of a large "elephant" payout from a large business, they are finding great success in attacking multiple small businesses.

We are also seeing a major shift into attacks on non-profit and charity organizations. These industries are a hotbed for credit card information. Again, lack of budget can negatively effect the security of a non-profit as well.

So, what SMB industries are getting hit the hardest?  The below study from the Crowdstrike website done in December of 2022 can shed some light on where the attackers are spending most of their time. 



Related Posts

It is a long established fact that a reader will be distracted by the readable content of a page when looking at its layout.

Cole Goebel 11 July, 2024

Tabletop Simulations - Practice Makes Perfect

Practice Makes Perfect: The Vital Role of Tabletop Response Simulations for Cyber Attacks…

Cole Goebel 27 June, 2024

What's Going On with Kaspersky Labs?

If you're watching the news, you'll have seen the United States taking some action against…

Cole Goebel 18 June, 2024

XDR vs SIEM: The Battle of Advanced Threat Detection

Discover the key disparities between Extended Detection and Response (XDR) and Security Information…