It’s a common and dangerous misconception that small businesses are less vulnerable to cyberattacks. The logic goes that SMBs are too small and have too little data to be attacked. But the reality is just the opposite.
According to a 2017 report on cyber crime, 61 percent of all breaches happened at SMBs. Even more troubling is the finding that 60 percent of those businesses closed for good within six months of the attack. Cybercrime is a common risk for SMBs, and in many instances it’s an existential threat.
Part of why SMBs are attacked so often is because it’s easier. They have fewer cyber defenses in place, and what is present is simple for hackers to bypass. Once inside the network there is still lots of things for hackers to steal or disrupt. SMBs represent a low-hanging fruit, which is why attacks are unlikely to slow down.
Now is the time for these businesses to get serious about cybersecurity. Make these strategies your priority in order to get ahead of hackers:
- Install a Firewall – This is an easy and effective tool that is considered mandatory for cybersecurity. It provides a suite of protections to ensure that only authorized traffic passes onto the network. Be sure that any remote employees also have a firewall in place.
- Create Plans and Policies – Cybersecurity is always more effective when it’s systematic. Develop policies that put best practices in place. Then develop plans for how the SMB will respond after a cyber incident. Detailed guidelines eliminate confusion and uncertainty when businesses are scrambling to recover.
- Safeguard Mobile Devices – Mobile devices access you network regularly but often lack basic security measures. There is also the risk of these devices being lost or stolen. If employees use their own devices there should be policies outlining proper usage. Devices should also have basic protections installed like remote data deconstruction.
- Get Cyber Coverage – Conquering malware is about minimizing the damage as much as preventing it entirely. SMBs can cushion themselves against the worst effects of an attack with the help of cyber security insurance providers. They provide financial, legal, and technical resources when companies need them to recover in full.
- Train and Educate Employees – Most malware will be directly downloaded by employees. Training them how to spot red flags and use networks responsibly lowers the risk significantly. Smart users are also the best defense against threats that other cyber protections can’t spot.
- Enforce Safe Passwords – Password issues are a factor in many cyberattacks. SMBs should require all employees to use complex passwords that are different across platforms and changed regularly. Two-factor authentication (2FA) is another way to ensure that only authorized users are logging into accounts.
- Practice Data Backup – This is another smart preemptive step. Hacker often try to corrupt or cut off access to data. Then they demand a ransom to repair the damage. If the data is backed up, however, the threat is irrelevant. This is just one of many digital disasters that backups help to resolve.
Putting these protections in place is a strong start. But the only way to preserve cybersecurity is to be constantly reevaluating risk. Be vigilant about where new threats are coming from. Then update your defenses, response strategies, and coverage levels to keep pace.