The primary goal of small business owners is business growth, but that doesn’t mean business growth gets all their focus. On the contrary, small business owners must often be a jack of all trades; they negotiate prices, handle customers, perform accounting tasks, solicit new business, etc. As a result, business security often falls through the cracks, leaving their businesses exposed to bad actors and cyber attacks. This is particularly worrisome given that 43% of all cyber attacks are aimed at small businesses.
The stakes are high and the risks undeniable
Even before the pandemic, the rate of cyber attacks against small businesses was occurring with increasing frequency and regularity. 2019 saw a 424% increase in small business cyber breaches. However, since the onset of the pandemic, the rate of increase has been stratospheric. There were more cyber attacks in the first half of 2020 than there were in all of 2019 and small businesses have been frequent targets. Phishing attacks against small businesses have increased by 600% since February 2020 and according to a recent survey 46% of small businesses have been the target of a ransomware attack. Okay, so you get the point; no need to belabor it, but why the increase?
Small businesses are increasingly targeted by cyber criminals for several reasons. First, while they hold the same type of valuable information as large businesses, they lack the technical expertise and finances to defend it. Second, hackers like to use small business supply chain operations as a way to penetrate large businesses. Finally, the rapid adoption of remote workforces since COVID-19 has significantly expanded the attack surface, a development hackers have been quick to exploit. Thus, rather than ‘why the increase?’ the question now becomes ‘what can small business owners do about the increase’? The answer to that question is simple too: they should gift their businesses cybersecurity.
Gifting your business cybersecurity
While the majority of small business owners don’t have the luxury of creating an in-house IT or security team, there are still powerful, effective and easy-to-implement security measures available to them that will help protect their businesses. The most important ones are discussed below:
Learn about the threat landscape and your business’ digital landscape. This information will help you better understand what you need to do to protect your business.
Take a comprehensive approach. Protect your network and every device on it with a firewall and an endpoint security solution. While the job of a firewall is to monitor and control network traffic by erecting a security wall between outside networks and internal networks, the job of an endpoint security solution is to protect the devices that are connected to your network, such as laptops and tablets, by scanning for, detecting, and removing malware and viruses.
Educate your employees about cyber threats and create a culture of cybersecurity**.** Insider threats, which are caused by the actions of employees, whether intentional or unintentional, are top cybersecurity threats to small businesses, with small organizations spending an average of $7.68 million per incident. Training your employees about the best practices for online security and creating a culture of cybersecurity will significantly reduce cyber risks.
Grant access on an as-needed basis**.** Determine which people within your business need access to what systems and what data and then implement access control protocols to minimize the risk of private and valuable digital assets falling into the wrong hands.
Implement and enforce strong password hygiene. Employees should be taught to follow best practices for strong passwords such as never sharing passwords, making their passwords at least 10 characters long and not using the same password for multiple logins.
Don’t ignore updates. Those annoying reminders to update your software are a critical part of your cybersecurity because they provide patches to software vulnerabilities that hackers can exploit. Keeping software such as operating systems and browsers up to date with the latest security patches is therefore integral to your business’ cybersecurity.
Have your holiday cake and eat it too
Focusing on your business’ growth does not have to be at the expense of your business’ security. On the contrary, business security can help your business grow; the two go hand in hand. In other words, you can have your cake and eat it too. Here’s to a very happy, successful, and cyber secure holiday season.