You’ve bought the firewall, you’ve added an anti-virus, you might even have multi-step authentication procedures for your staff. But does that really protect you from the evils that lurk across the web?
Most small to medium-sized business (SMB) owners don’t think they have anything a cybercriminal would even want, but that is where they’re wrong. SMBs are easy to work for cyber thieves and according to the US National Cyber Security Alliance, the most impacted. In 2016, US NCSA studies showed 60% of small businesses targeted by a cyber-attack shut down within six months of being breached. Unfortunately, the financial impact often is too much to bounce back from and forces the SMB to close their doors for good.
Is this rate of business failure due to an elevated sense of false security or is there more to it? In addition to believing their current methods are up to snuff many believe they simply cannot afford to upgrade their current methods or even explore other options. This is where they are wrong!
So what can you do?
Make IT security a priority. Let’s be realistic, SMBs have a lot on their plate. Owning a business means you will forever have your hands in 50 different fires and you need to keep them all burning simultaneously. So, face the idea of IT security as protecting what is yours. Don’t think of it as what will we do “if” we come under cyber-attack think of it as what will we do “when” we come under attack. If you are not technologically savvy or well versed in security options, reach out to a professional who is. Not only will this allow you to focus on what you do best, but you will have a specialist in your corner who will completely focus on securing your business without being distracted by other duties.
Designate a budget for your security upgrade
SMBs have a multitude of options but are usually under the assumption they cannot afford to increase security so they choose to remain as is. This cannot be further from the truth! Any IT specialist worth their salt will assess your business with penetration testing (see more about pen testing) and work within your means to tackle the pressing issues. If there are numerous issues, ask to receive a detailed plan of attack so you know exactly what your weak spots are and can work in a way to prioritize the implementation of improvements.
Train Staff on Security
Does Sally in finance love to forward those chain mail emails? Does Tim at the reception like to send out those funny email videos? Every person on staff needs to understand the potential for phishing masked as everyday emails. According to Social-Engineering.org clicking links in emails accounted for 88% of all phishing related breaches. So, relying on software safety nets is only half the fight. Your mother was right when she said an ounce of prevention is worth a pound of cure. Employees must have guidelines for handling information and know what actions to take if they become a victim.