Electronic crime now costs businesses hundreds of billions of dollars each year.

By Robert Cresanti

It’s a normal day at your business and your employees are working hard to meet your customers’ needs. Suddenly, a warning appears on your computer screen: It’s a ticking clock next to a threat that all of your data will be destroyed unless you pay $500 within the next 40 hours. If you give in, you’re encouraging future attacks. If you don’t, your business could lose critical information and customer trust.

Cybercrime on the Increase

The situation described above, caused by a common “ransomware” virus, is an unfortunate, but all too real example of the growing threat of cybercrime. Although non-existent several decades ago, electronic crime now costs businesses across the globe hundreds of billions of dollars each year. The dramatic increase in the Internet’s importance has provided many valuable tools to entrepreneurs, but it has also made them more vulnerable to bad actors. Several recent attacks against prominent retailers, firms and banks have done much to raise public awareness of this threat. However, the majority of these attacks are committed against small businesses. According to Verizon’s 2014 Data Breach Investigations Report, companies with less than 1,000 employees are almost twice as likely to be the victims of cybercrime. Unfortunately, the businesses most vulnerable to cybercrime are often the least equipped to deal with the repercussions. Electronic criminals are drawn to small businesses because they often lack the expertise, experience or staff to defend themselves from digital infiltration. Once in, these criminals can steal customer personal and payment information, disrupt normal business operations and even hold company data hostage.

Data Theft

One of the most common attacks on franchise small businesses is theft of data from point-of-sale machines, which conduct transactions with credit cards. Hackers can penetrate these machines, steal customers’ financial information and then use that information to make fraudulent purchases. Perhaps most disturbing of all is that in 99 percent of incidents reported in 2013, the victims of these POS attacks had to be informed by an external party (usually law enforcement) that their systems had been compromised. Some simple steps you can take to protect yourself against POS attacks include regularly updating the password on your POS machine, restricting non-business related activities on all computers used to process transactions and installing and maintaining professional anti-virus software. Although the theft and loss of trust with one’s customers is serious in itself, small businesses can also be held financially liable for any fraudulent transactions if their machines don’t meet the latest Payment Card Industry Data Security Standards. These standards, which apply to every machine that uses major credit card brands, are updated roughly every two years. It is absolutely critical that you check your POS machines regularly for compliance with current PCI Security Standards to protect your business. These standards, and a wealth of other security information, can be found at https://www.pcisecuritystandards.org/.

Protecting Small Businesses

Despite the increase in cybercrime, law enforcement and business groups are taking steps to ensure that small-business owners remain protected from these thieves. The U.S. Secret Service has become much more aggressive in pursuing electronic criminals across international borders and local police departments throughout the country are partnering with the federal agencies, such as the FBI, to establish best practices and share information on threats as they emerge. In July, federal agents arrested Roman Seleznev, a Russian national accused of stealing hundreds of thousands of Americans’ credit card information.  Just last year the Justice Department announced charges against eight alleged cybercriminals responsible for stealing $45 million from ATMs across the globe. These high-profile arrests not only take criminals off the streets, but also remind prospective hackers that their online actions have real-world consequences. The International Franchise Association is working to increase cybersecurity awareness in the franchise community. The threat of cybercriminals is real, especially for franchise small businesses, and this threat will only increase in the coming years. However, these bad actors can be overcome. The franchise model depends on cooperation and, even though some of our businesses might be small, we have an entire industry standing together. As a partner of the National Cyber Security Alliance, IFA is working with its members and other business leaders to create a comprehensive strategy to detect and prevent electronic crime. I urge you to participate in this effort. Learn more about what you can do to protect yourself from data theft and other fraud by visiting the National Cyber Security Alliance’s website, http://www.staysafeonline.org/.

Robert Cresanti is executive vice president of government relations and public policy for the International Franchise Association. Find him at fransocial.franchise.org.