5 Statistics Changing the Cybersecurity Landscape for SMBs in 2023

UPDATED July 18, 2023

High profile breaches and cyber security events in past few years have been a wake up call for many enterprises in every industry. Security and compliance has been an important issue for every IT department, but is your organization prepared to battle cybercrime and vulnerabilities? Check out the stats below to figure out where you stand - and what needs to change.

Important Cybercrime Statistics and Quotes

Take a look at 5 quotes that might change your mind about the importance of cybersecurity solutions in your business. 

Small businesses spend an average of $955,000 per attack to restore normal operations. [Furthermore,] 43% of cyberattacks target small businesses. 
 

Cisco Umbrella, 2023

The cyber security battlefield is always changing and unfortunately, some businesses (especially SMBs) struggle to keep up with cybersecurity demands. But isn't it worth the time and effort to save the nearly million dollars it takes to restore your business? You might be overwhelmed (we can help!) by the idea of managing and implementing the necessary complex solutions needed to keep your business up and running but the odds are not in your favor. Cybersecurity is a nonnegotiable! 

However, regardless of your cybersecurity posture, you're not alone in feeling overwhelmed and stressed out.  The same study from Cisco Umbrella says that "47% of small businesses [report that] they have no understanding of how to protect themselves against cyberattacks." But as time goes on, cyberthreats are becoming more numerous and complex, with orchestrated, multi-staged, evasive attacks becoming the norm.

You can’t afford to wait – so where do you start? Check out our blog on 5 Cybersecurity Tips for SMBs. It'll get you started as you begin planning your cybersecurity strategy.  Spoiler alert...passwords are a great place to start! 

Iran-linked...group tracked TA453 has been linked to a new malware campaign targeting both Windows and macOS systems.

Security Affairs, 2023

You use or your business uses a Mac, so you're safe, right? Unfortunately, you're not. TA453, a new Iran-linked threat actor and malware campaign, has been running rampant through Windows and MacOS systems in the past months. According to Security Affairs, TA453 is a nation-state actor that overlaps with other cybercrime activity tracked as Charming Kitten, PHOSPHORUS, and APT42. Highlights of its process, according to the same article, is as follows:

• TA453 in May 2023 started using LNK infection chains (email phishing) instead of Microsoft Word documents with smaller infections laced into the document.
• The researchers observed the TA453 using a variety of cloud hosting providers to deliver a new infection chain aimed at deploying a new PowerShell backdoor dubbed GorjolEcho. Never trust a cloud provider that isn't vetted. 
  
• The next course of action will be a zip file containing all the codes your hackers need to infect your systems (Mac included!) 
  

Never fear, if you're concerned about this, let us know. We can partner with you to further train and secure your business for the future. 

With the cybercrime industry raking in $1.5 trillion USD in 
revenue annually, criminal groups and organizations are only gaining strength and growing in sophistication. 

Arctic Wolf Threat Report, 2023

Did you read that right? Over a trillion US dollars. Our head spun a little too. This is up from the $455 billion recorded in 2021. The Arctic Wolf 2023 Threat Report concludes the following predictions for the future of crybercrime: 

"Threat actors now commonly build, market,  and lease ransomware infrastructure to other entities skilled in penetration testing, allowing  the infrastructure operators to take a 20-30% cut  of the proceeds from the ransom and extortion  while reducing risk on their part. Many modern ransomware organizations operate like legitimate businesses, with their own organizational structure and departments. Some even offer their victims robust customer service and vacation days for their ‘employees,’ and invest in their talent through skills development opportunities.

In addition to structural changes, we expect ransomware groups to increasingly rely on double-extortion or triple-extortion without encryption to simplify future ransomware attacks. Traditionally, a ransomware attack meant that a threat actor that infiltrated a network would encrypt a company’s data, making it inaccessible. 
Only after paying a ransom would the victim receive the decryption key."

Don't contribute to the next trillion. Make a plan now. 

Over 422 million American adults had their personal and/or financial information compromised in 2022.

Identity Theft Resource Center, 2022

You, as an individual, have probably had your information compromised in at least one of the many breach incidents that occurred last year. A report by the Identify Theft Resource Center found that more than 400 million American adults, roughly one in two people, had their information exposed due to the hacks. Erik J. Huffman, a technologist and cybersecurity researcher, says it best, "...hackers don't want to go toe-to-toe with your firewall. They don't want to challenge your antivirus (EDR), because that's very difficult, not when they can exploit the largest vulnerability on every network on the planet right now -- that's us, people. Cybercriminals are not just hacking computers; they are hacking humans. Because...unlike computers, we actually respond to propaganda." If you're concerned about the humanity of your potential errors, think about Employee Awareness Trainings to help combat this underlying cybersecurity statistic. 

Still, having your enterprise’s data compromised is another matter entirely.

This leads to the final cybercrime and compliance quote…

64% of organizations increased their IT budget to invest in technologies to prevent and/or detect breaches.

Spiceworks, 2022

How to Not Become a Statistic with Cybersecurity solutions

You don’t want your organization to make the news by falling victim to cybercrime no matter your industry. Even more, it's important to know that if you're an SMB in Manufacturing, Services, and Construction, Zscaler's 2023 Ransomware Report says you are the most at risk. Don't become the statistic! 

Centre Technologies can help you discover proven security strategies, backed up by enterprise class technology. We can even help you dissect those nasty insurance contracts and policies. For more information on our enterprise security solutions, contact Centre Technologies today.