In 2018, keeping up with cybersecurity best practices should be of utmost importance for any size business. However, when it comes to small businesses solutions, many options are costly, making owners weary to implement.
Hackers and cyber security attacks come in many different shapes and sizes, and while big-name corporations that get attacked receive more press, many small business attacks don’t make headlines. In fact, research from the Ponemon Institute’s 2017 State of Cybersecurity in Small & Medium-Sized Businesses reported an increase in the percentage of small businesses cyber attacks from 55% in 2016 to 61% in 2017.
Hollywood has lead many to believe that cybercriminals are a few brainiacs with high-tech computers performing an elaborate heist to steal millions of dollars and escape to the Caribbean. While these stories are becoming more fact than fiction, the truth is that many cybercriminals are career criminal, meaning they make a living from various, smaller cyber attacks, preying on businesses that believe they have nothing worth stealing. In this blog, we’ll introduce you the basics of small business cyber security to keep your defense stronger than ever.
Where to Begin
It doesn’t take much to improve the overall cybersecurity in a small business. With a small investment in time and effort, huge changes can be implemented. In order to shave off the unnecessary expenditures, we must first look at how to improve the biggest vulnerabilities in your cyber defense. For small to mid-sized enterprises, the results may shock you.
What makes small businesses an easy target for career criminals are their higher amounts of data and cash flow with a smaller budget, often not allocating much for advanced cybersecurity measures. The Ponemon study mentioned prior showed the top two reasons for lack of cyber defense adoption are 1) lack of trained security staff (73%) and 2) inadequate budget (56%). This unfortunate combination puts a target on the back of many local and small operations.
An overwhelming majority of attacks result from poor password management and ignorance to clear red flags. While this may seem rudimentary, it’s importance cannot be overstated. Bad password practice includes using weak combinations, reusing passwords for various applications, and unsafe sharing.
Another element small businesses should consider are the lapses in technology that could create an easy route for a hacker to infiltrate the main system. All businesses should be keeping their hardware and software up to date. Older computers, applications, and extensions could be missing key features that prevent known threats from attacking.
Some good practices to keep in mind are:
- Updating to the latest operating system on all corporate devices
- Using only Google Chrome or Firefox as your internet service
- Downloading the latest updates of any cloud-based applications
Backing Up Data
The third piece of advice we have falls under the reactive category, as opposed to the above which are proactive. Keeping your system’s data backed up is critical to ensuring your business can begin operating again after an attack has occurred. Not only does it save you precious data from being completely erased, it allows companies to get back on track much faster. Not to mention, if the data stolen hold little to no value, you have the option to completely ignore the threat, restore your data, and continue on as usual.
Some good practices for data backups are to back up essential data in regular intervals— we recommend every week or even every day. You’ll also want to consider having both physical and cloud backups. While the cloud may be more convenient, you can never be too sure if modern hackers have the ability to infiltrate. For small businesses, we recommend both.
Protecting your business from cyber threats requires a deliberate strategy and a commitment from every member of an organization. Our number one tip for combating threats is to implement a cybersecurity workshop at least once a month. Reiterating the reality of cyber attacks is the only way to keep it ingrained in your employee’s mind. During the workshop, encourage everyone to change their passwords, update their computers and apps, and go over the current threats in the cyber landscape, like phishing or DDOS.
Making The Investment
Lastly, it’s important to know that the costs of an attack can far outweigh the cost of protection:
“Not only has the cost of data breaches risen to an average of just over £1.2m including all attack mitigation and business disruption costs from £717,909 a year ago, However, the report said given the enormous costs associated with a data breach, failing to protect against today’s dynamic threat environment could prove disastrous, and the costs associated with doing so may not be as high as imagined.”
If you’re considering a full cyber-security makeover, let JDL Group provide a free consultation of your small business. Our representative will provide an end-to-end audit and consultation for everything from your passwords to your network.