Hyper-growing companies – companies with annual revenue growth of more than 40% – are increasingly becoming the object of close attention from cybercriminals, according to the blog of Beyond Identity, an information security company.
“Employees of fast-growing companies report a greater number of cyber attacks than employees of companies with normal growth,” reports Beyond Identity. ” According to more than a third of respondents, their company has experienced from three to five attacks. A little more than a quarter reported one or two.”
At the same time, companies of standard growth experienced fewer attacks – only a quarter reported three to five violations, according to a survey conducted among more than a thousand employees of entry-level and mid-level companies.
The findings were obtained despite the statements of fast-growing companies about a “more aggressive position” regarding cybersecurity compared to conventional companies – almost two-thirds versus just over half.
Referring to the COVID pandemic, which caused an increase in the number of phishing attacks related to health problems in 2020, the authors of the study added: “The fastest-growing companies in the healthcare and technology sector were most severely affected. For example, Magellan Health, a Fortune 500 insurer, was subjected to a cyberattack. As a result of the attack, 1.7 million accounts of internal and external customers were exposed.”
“With the rapid expansion of the company, there are more and more employee data requiring protection,” the study says. This situation creates more opportunities for attackers to attack.
However, there is evidence that fast-growing firms are in some way better protected from the consequences of cyber attacks. While companies with standard growth estimated losses in the range of $34,000 to $119,000, for fast-growing companies the range was much lower – no more than $25,000.
According to Beyond Identity, the main areas of interest of fast-growing enterprises, namely, revenue growth, marketing strategy and financial stability, can “distract attention from cybersecurity issues.”
This statement is confirmed by the report – fast-growing companies are slightly behind their less successful counterparts when it comes to backup of vital data, training of cybersecurity personnel and protection of computer equipment.
At the same time, there are “two areas in which companies with a high growth rate outperform ordinary companies by more than 20 points: creating a security-oriented culture and investing in cybersecurity insurance,” Beyond Identity noted.
The most unexpected was the recognition of half of all surveyed companies – both fast-growing and ordinary – in the absence of restrictions on network access to their internal systems.
“It doesn’t matter whether employees understand or not, they often transfer confidential data to external sources, using their personal email address to conduct company business and not taking proper measures to protect passwords,” Beyond Identity noted.