Many small business owners think that cybercrimes only happens to Fortune 500 companies or government agencies. They’re wrong! While the potential for gain is higher with larger entities many have protections in place to combat hackers. Most small businesses don’t.
With extremely valuable data such as customer records intellectual property customer credit card information financial information employee records and business correspondence small businesses are increasingly becoming the target of hackers. In their 2018 Cyber Risk report Hiscox
stated that forty‑seven percent of small businesses suffered at least one cyber attack in the past 12 months. That’s right nearly half of all small businesses have been attacked once and many have been attacked multiple times.
A majority of small business owners don’t have plans in place to deter attacks or detect them early. Also as you know small businesses also lack the capabilities to grapple with the financial losses associated with a data breach. While cyber insurance can help sixty-percent of small businesses will go out of business due to the inability to recover within six months of experiencing a cyber attack.
The good news is that there are ways to fight back.
Small businesses can take steps to counter this evolving threat. Companies can protect themselves with simple and cost-effective ways.
Phishing |General Malware | Compromised or Stolen devices
Malicious insider |Ransomware
The list above represents some of the most common threats small businesses encounter. Since many of these attacks are using social engineering targeting employees by sending emails appearing to be from known contacts or companies in order to convince individuals to share personal information such as passwords and credit card numbers.
Implementing a training program on these schemes is critical. This is a proven way to reduce the likelihood that one (or multiple) employees will open a nefarious email by helping to better identify one. Additionally training your team on the proper ways to create and manage passwords is important and easy. Best practices are to use long passphrases (including numbers letters and special characters) implement 2-factor authentication and apply password encryption.
Other steps your business should consider are securing your access to the Internet using antispyware and antivirus software implement data policies and procedures and lock down your mobile devices.
You can also consult with your internal technology team or a full-service IT and network services provider like The Logic Group to help develop a plan for mitigating the impact of cybercrimes.