in STEMGeekslast year


I saw an article this week about a gang of hackers trying to extort Apple for $50 million after stealing some files.

Turns out these files were valuable blueprints that Apple desperately does not want leaking to the public.

The crazy thing is, these sorts of attacks appear in the news on an almost daily basis.

Now you might be thinking…

I’m just a small business owner, I’m safe right?

Well, not exactly.

Although we don’t hear about attacks on small businesses in the news…

The reality is, an alarming 43% of all cyber-attacks are against small businesses.

And the stakes are just as high.

Here’s why the attacks are so frequent on small businesses…

Most of their attacks are automated.

Today they are using bots to scan the internet for security weak spots.

They’re not looking intentionally at targeting big businesses, because they’re harder to hack.

They’re looking for ANY business which is vulnerable.

Not only are small businesses more vulnerable to cyberattacks, but those attacks also tend to be more devastating.

And many of them don’t have the financial resources to recover.

According to Small Business Trends, 60% of small businesses go out of business within 6 months of a cyber-attack.

On average, they report small businesses which experience a cyber-attack spend $879,582 to repair damage to IT assets and $955,429 because of disruption of normal operations.

So, if it isn’t already, cybersecurity needs to be a high priority for your business.

Having good IT Policy and Governance models, and practiced ITSM processes in place gives you peace of mind knowing you’ve got the foundation for rock-solid cybersecurity defense.

It also means you can focus on things that will move the needle forward in your business.

And you can rest easy knowing your IT can be running seamlessly, your business remains efficient, and employees are productive.

Visit the ITSM Rhino to find IT policy and ITSM process templates and more that can help you keep your business safe from cyber-attacks, once and for all. We can also help broker for the right MSP to implement the technical solutions that fit your unique business needs.

Feel free to discuss small business risks below. I will even gift one lucky comment 1 free Hive at the end of 7 days.

So, share any thoughts or experiences you may have with small business risks below, whether as a user, techie, implementer, manager, etc., and earn a chance at 1 free Hive.

Also, as a bonus, any reblog will receive 1 free Hive.

…and, as an additional bonus, if you share this post on Twitter for 1 Hive, the tweet must use the hashtags #itsmrhino and #hive along with containing your Hive username.

By the way, my Twitter handle is @itsmRhino, so feel free to follow.

Be on the lookout in a couple of days for one more post related to IT Woes.

P.S. If you didn’t get a chance to read my recent eBook ‘You’re Not Immune to IT Woes: Don’t Ignore the Symptoms’. There are loads more great advice in here about what you need to protect your business.


Some thoughts from my side. I am not sure if I am referring to the right problem.
It's not hacking in the traditional way. It's social engineering, which uses workers as a weak spot. Due to the new Guidelines of GDPR in the EU companies can get in really big trouble when someone else gets access to the data. The penalty fee can go into millions. Small businesses are mostly an easy target because you need to be aware of this topic, how to handle it the right way, how to protect data etc.. There are good articles about it. If you are interested in this topic, this is a pretty good paper: https://www.semanticscholar.org/paper/GDPArrrrr%3A-Using-Privacy-Laws-to-Steal-Identities-Pavur-Knerr/eb73ae451c6a0fa5d32b94c0fdbcae9c5f74b308

Here is a video about such topic.

Being on the other side of the pond, I think GDPR often slips our minds, but it needs to be a concern if dealing with customers and members from the EU.

I will definitely check out the article you shared and the video and will ensure I share them on other social media and blog in the future. Thanks for sharing.

Whenever there is an IT security breach, there have been some kind of vulnerability. It's important to fix vulnerabilities as fast as possible, and it's also important to consider "defence in depth" and make sure the risk of someone being able to abuse a "zero-day" vulnerability is low. Most people have an inbound firewall, but leaves the outbound firewall wide open - most automated attacks can easily be stopped by having a firewall that by default stops all outbound traffic.

I'm quite concerned about the Norwegian mentality nowadays, I read "we couldn't possibly defend ourself against this attack" when someone got unauthorized access to the parliament email system. Commenting on some local new site, I got attacked for "blaming the victim" (I wrote more about that in another post).

Thanks for sharing your post Physical Security vs. IT Security. I loved it and sent you a tip since it was past the time for voting. I plan to share it on social media.

Like I said in my comment on your post, we as users, administrators, and managers of IT have to "own it". We have to stop thinking of IT security just in the terms of cybersecurity, just the technical 1's and 0's. We have to look at the physical, operational, and other flavors of security that can touch the tech and people around the tech.

Congratulations @joebrochin! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :

You distributed more than 8000 upvotes.
Your next target is to reach 9000 upvotes.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

Check out the last post from @hivebuzz:

Hive Tour Update - Account creation and Account Recovery steps
Hive Tour Update - Decentralized blacklists and Mutes lists
Support the HiveBuzz project. Vote for our proposal!