Cyber security is something that small businesses should take seriously. Many small businesses tend to neglect cyber security because they typically do not think that they are a target for hackers. However, the number of cyber attacks made on small business entities has been on the rise for the past five years. A whopping 43% of small businesses have encountered some sort of cyber security threat or have been hacked.

Small businesses make for good targets because they rarely have sufficient resources to dedicate to bulking up their cyber security. For hackers, small businesses can be a treasure trove for gathering customers’ personal data and payment information because more often than not small businesses are using outdated technology, outdated protection software, and poor security practices. Small businesses are often vulnerable to attack, and small businesses that do not make cyber security a top priority are effectively sitting ducks.

Small Business Cyber Security Statistics

According to Symantec’s 2016 Internet Security Threat Report, small businesses are under constant threat from cyber attackers. According to the Threat Report, small businesses are defined as having 250 employees or less. Below is just a sampling of Symantec’s cyber security statistics that are relevant to small businesses.

• While one out of every two large businesses are at risk for suffering a cyber security attack, one out of 40 small businesses are at risk of suffering some sort of cyber security breach.
• Hackers often do not just make a single attack on a small business. Hackers usually make multiple attempts to gain access to a small business’s computer systems.
• Ransomware type attacks against small businesses are on the rise as many small businesses are easily overwhelmed when their computer systems are held hostage by malware.

Phishing is Still Used by Hackers Against Small Businesses

Small businesses are most likely to be hacked through some sort of phishing scam. Oftentimes, hackers target their phishing attack on employees whose job functions relate to managing the company’s finances or those employees with access to customer information. Hackers who use phishing scam to gain access to a small business’s computer systems rely on the employee making a mistake, or being tricked into opening an infected email and clicking the link contained inside, or downloading the attached file. 30% of phishing emails are opened by employees at companies, and 13% of phishing emails are successful at having an employee infect a work computer system.

Over time, phishing attacks have evolved to become even more tricky; spear phishing has become an increasingly popular type of cyber attack used against small businesses. Spear phishing attacks on small businesses increased a whopping 55% between 2014 and 2015. Spear phishing is where an employee appears to receive an email from a known source, such as a fellow co-worker, superior, of third party business partner, but the email is really a fake designed to infect the recipient’s work computer.

Cyber Security Best Practices

Small businesses are constantly faced with the threat of a cyber attack and cyber security is going to become more and more important as hackers use more sophisticated hacking techniques. Small businesses need to follow cyber security best practices to protect themselves and their customers’ personal information. They need to give cyber security the time and resources necessary to rebuff cyber attacks and to neutralized cyber threats or face growing liability.

This post first appeared on SmallBizClub.com. Image credit to Instant SSL Certificates.