As data dictates an increasing number of business imperatives, threats to digital security have an even greater potential to debilitate companies and harm the customers and employees sharing their sensitive information.

High-profile attacks against companies like Equifax Inc., Yahoo and Uber Technologies Inc., to name a few, have highlighted the need for more robust cybersecurity in a new digital era. But large enterprises aren’t the only ones at risk. With their often unsophisticated infrastructure, ill-equipped information technology personnel, and lack of defense against attack, small businesses are becoming an attractive target for cybercriminals.

“It’s the small companies that [think] ‘it’s not going to happen to us, or if it does happen to us, what do we do about it?’” said Lurlene Brown (pictured), information technology cybersecurity consultant with CJJFC. “They hear about the big breaches, but it can happen to a small company as well.”

Brown sat down with Dave Vellante (@dvellante), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Veritas Vision Solution Day event in Chicago. (* Disclosure below.)

A small, independent company themselves, CJJFC works with small and non-profit businesses to reckon with and prevent against cybersecurity issues. Brown represented her company at the Veritas event to learn the latest on enterprise security technology and translate industry developments for her small-to-medium-sized business customers.

This week, theCUBE spotlights Lurlene Brown in our Women in Tech feature.

An invisible risk to small business

Many small businesses believe their size renders them not worth the trouble of cybercrime, but with the ease of attack enabled by automated breach, they’re often a more valuable mark than the larger businesses with stronger digital defenses. The U.S. Congressional Small Business Committee reported that 71 percent of attacks in 2018 were perpetrated against companies with less than 100 employees.

With IT teams often either nonexistent or numbering in the single digits, the majority of CJJFC’s customers don’t have the budget or experience to create a comprehensive security plan.

“A lot of them don’t even have an IT person. Somebody knows how to work a computer, turn it off and on, make sure the stuff is backed up,” Brown said.

Some companies utilizing software as a service products leverage the cloud as a preventive measure that doesn’t require extra resources or talent, unaware that the platform offers its own set of risks. Sixty-eight percent of midmarket businesses host in the cloud because they believe it provides stronger data security than in-house alternatives.

“If you have limited budgets, how do [you] deal with that? A lot of them have the attitude that it’s not going to happen,” Brown stated.

When a breach can make or break

To ensure they are prepared for any potential threat, CJJFC helps clients develop a defense, backup and recovery strategy that’s customized to their budget and unique business needs.

“The main bottom line is budgeting. Do we have the money to get what we need in order to survive? Do you have something viable to say to your clients? Can [you] go on with business as usual?” Brown asked.

Avoiding data loss and vulnerable customers typically starts with helping small businesses get up to speed bolstering new technologies, or even adopting them for the first time. Digital transformation often comes slowly to smaller companies with less resources to transition, and building sound migration processes is a top priority for CJJFC.

Even upgrades like the one from Windows XP through the next generations of operating systems can pose some of the biggest hurdles to improvement, according to Brown. But creating a process for regular updates is one of the most important factors to SMB security hygiene.

“It takes time for people to migrate from one thing to another to make sure it’s safe and it’s dependable and be comfortable with it so when the next phase comes up they can be a little bit more comfortable,” Brown said.

Big businesses can recover, small businesses can’t

Updating core infrastructure, reinforcing endpoints, and establishing secure mobile practices may feel like a big leap to some businesses still struggling through operating systems, but these protective measures are crucial to a strong foundation for better overall performance and financial bottom line. Forty percent of companies reported losing eight or more working hours to security breaches, and 20 percent spent up to $2,499,999 in recovery costs this year.

“Especially with small businesses, you can’t afford to have a breach, because that makes or breaks your company,” Brown said.

Many SMB customers remain unfamiliar with ransomware and other cyber threats despite having the most to lose from a potential attack, according to Brown. The randomized, self-operating processes that guide viruses enable attacks numbering the millions, and those without sturdy backup and recovery have the hardest time bouncing back. Though the many evolutions of digital transformation can become unwieldy for smaller businesses lacking resources, CJJFC is enabling customers to see its benefits instead of suffering its risks.

“They have to keep informed, especially in small businesses. Big businesses can recover; small businesses can’t,” Brown concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Veritas Vision Solution Day event. (* Disclosure: TheCUBE is a paid media partner for Veritas Vision Solution Day. Neither Veritas Technologies LLC, the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE