Small Business: The New Black In Cybercrime Targets
Enticed by poor defenses of mom-and-pop shops, hackers turn away from hardened defenses of banks and large enterprises
By Tim Wilson DarkReading
WASHINGTON, D.C. -- Visa Security Summit 2009 -- Hacking banks and large businesses? That's sooo 2008.
Hackers and computer criminals this year are taking a new aim -- directly at small and midsize businesses, according to experts who spoke here today at Visa's annual security event. The consensus: Smaller businesses offer a much more attractive target than larger enterprises that have steeled themselves with years of security spending and compliance efforts.
"As the security becomes better at large companies, the small business begins to look more and more enticing to computer criminals," said Charles Matthews, president of the International Council for Small Business, in a panel presentation here. "It's the path of least resistance."
Matthews quoted industry research that states small businesses are far less prepared to defend themselves against cyberattack. "Nearly one-fifth of small businesses don't even use antivirus software," he said. "Sixty percent don't use any encryption on their wireless links. Two-thirds of small businesses don't have a security plan in place. These numbers are both surprising and disturbing."
And many small businesses still don't know they are targets, according to Chris Gray, director of innovation policy at the Canadian Chamber of Commerce and another member of the panel. "According to a brief survey we conducted, about two-thirds of small and medium-sized businesses believe that large companies are the main target for cybercrime," he reported. "Yet 85 percent of the fraud we see in business occurs in small and medium-sized businesses." Editor's Note: Small to Medium Internet Businesses can provide a dually authenticated, end-to-end encrypted payment solution for their e-shoppers. For these e-SME's the cost of PCI DSS compliance is costly, time consuming and confusing. You can solve your compliance issues and eliminate the cost by employing HomeATM's PCI 2.0 PED's. The cost is far less than achieving PCI 2.0 compliance on your own, and since we employ DUKPT key management techniques, the cardholder's data is NEVER transmitted. End result? Your e-business would be effectively removed from the burden of PCI DSS' scope. For more information, email us...
Find out how our patented technology can empower your financial institution.
Our secure two-factor online banking authentication eliminates dangerous passwords and usernames and replicates the same trusted process used to access cash at ATM's. (Insert Bank Issued Card, Enter Bank Issued PIN)
There is an R.O.I. as FI's also earn recurring revenue from each transaction conducted using our PCI 2.0 Certified PIN Entry Device. Our technology also provides a unique real-time P2P "Instant-Transfer" which allows your online banking customer to transfer cash from ANY of their bankcards to ANY other bankcard...with the Swipe of a card.
Help your bank eliminate phishing and your customers avoid identity theft by providing them with the ability to stop typing and start swiping. There is no safer way to conduct financial transactions online than by 3DES DUKPT encrypting the cardholder details, which we do at the mag-head "inside the box/outside the browser."
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tQrMocE-bQZRlvoAwdw5H0kjleW2FeCMLevjkGeq6i_YarrRSN02qcYwJolEZDrOyMW3URhEqEemUVjVUZWbuiQ72DXjtuZrFLFnJiYzvupxBkZ8Ecw-vBJxm310zpr64njxWziSjBJckrEqR6ERxS=s0-d)
0 comments