Recent security breaches at large companies such as Target, Neiman Marcus and PF Chang’s garnered a lot of headlines and affected millions of consumers.
But they also may have given small and medium-sized businesses the mistaken belief that they don’t have the same cyber security concerns as big firms.
According to a recent article by USA Today, many small-business owners believe they are under the radar, but John Mensel, director of security services at Concept Technology, believes that’s a dangerous mindset.1
“You’re not only a target, you are being actively attacked,” Mensel told the paper.
A report by cyber security firm Symantec showed that businesses with fewer than 250 employees represented 31% of all attacks in 2012, according to USA Today. Most of these smaller businesses are only focusing on good firewalls and antivirus software. In 2014, Mensel said, “that’s not enough.”
Typical antivirus software can’t detect intrusions, and attackers are targeting smaller businesses because they know such firms don’t have as much protection, the article said.
According to Verizon’s Data Breach Investigations Report cited by the USA Today, it takes attackers only a few days to breach a business, but fewer than 25% of breaches are discovered in that short amount of time.
“That’s the No. 1 problem in network security today,” Mensel said. “Attackers are compromising networks very, very fast, and as IT people, we are not doing a good job of detecting them.”
However, Verizon’s report also said internal discovery of attacks outnumbers external discovery for the first time in the report’s history, suggesting that businesses are coming to grip with the problem.
That notion also seems reflected in some of the recent financial and stock performances of cyber security companies.
The Cyber Security motif has gained 3% in the past month. During that same time, the S&P 500 has lost 2%. So far this year, the motif is down 6%; the S&P 500 has increased 5.9%.
Shares of Symantec, which have a 25.8% weighting in the Cyber Security motif, have climbed since the company topped revenue and profit estimates last week in its fiscal first quarter report.
Bloomberg reported that the company received a boost from the rise in computer attacks that is spurring sales of antivirus programs as more people stay online, with global spending on security software and hardware projected to climb 9.1% this year to $7.1 billion, according to data from Gartner.2
However, while Symantec said it benefited from corporations upgrading their personal computers, the company is actually under pressure to split itself up as demand slows for conventional antivirus software, which can’t catch the most sophisticated attacks.
One possibility for Symantec’s future growth plans? That’s right – data breaches.
1Stephanie Schrialdi, “Cybercriminal strikes can be small, but mighty,” usatoday.com, July 22, 2014, http://www.usatoday.com/story/tech/2014/07/22/cybercrime-small-businesses/13012001/, (accessed Aug. 12, 2014).
2Jordan Robertson, “Symantec Revenue Beats Estimates on PC Security Demand,” Bloomberg.com, Aug. 7, 2014, http://www.bloomberg.com/news/2014-08-06/symantec-revenue-beats-estimates-on-pc-security-demand.html?cmpid=yhoo, (accessed Aug. 12, 2014).