[BreachExchange] The Most Effective Ways To Protect Your Small Business From Cyber Attacks

Audrey McNeil audrey at riskbasedsecurity.com
Fri Jan 13 18:35:56 EST 2017


https://smallbiztrends.com/2017/01/how-to-protect-your-
small-business-against-a-cyber-attack.html

Okay, I’m going to start with a question.

What would happen if a hacker decided to launch a cyber attack against your
business? Would they be successful? Would they easily gain access to your
company’s sensitive information? Or would their attempt fall flat?

Believe it or not, cyber security isn’t just a concern for large
businesses. It’s something that small business owners need to pay attention
to.

Consider these statistics about Small Business Security:

43 percent of cyber attacks target small business.
Only 14 percent of small businesses rate their ability to mitigate cyber
risks, vulnerabilities and attacks as highly effective.
60 percent of small companies go out of business within six months of a
cyber attack.
48 percent of data security breaches are caused by acts of malicious
intent. Human error or system failure account for the rest.

If you’re a small business owner, you can’t ignore these statistics. You
don’t want your business to suffer because you didn’t take the appropriate
steps to protect it.

You have worked way too hard to allow your company to be threatened by a
hacker, right? In this post, you will learn why it’s important to focus on
cyber security. You will also learn how you can protect your business.

Why Should Small Businesses Be Concerned With Cyber Security?

I know what you’re thinking. You’re thinking that your business is so
small, nobody would ever want to hack it.

It’s easy to think that a small business would never have to deal with
cyber security issues. Makes sense, right? Usually when you hear about a
company being hacked, it’s a major brand like Target or Sony.

But these aren’t the only targets.

It may sound hard to believe, but hackers target small businesses too. You
just don’t hear about it because the media isn’t going to report on hacks
involving small businesses. There are several reasons why a hacker might go
after a small business…

Small Businesses Don’t Take Cyber Security Seriously

Let’s face it. Most small business owners don’t take cyber security
seriously. They think that they’re too small to get a hacker’s attention.

However, this is one of the main reasons why a small business might get
hacked. Hackers know that most small business owners don’t invest in cyber
security.

Why? Because small business owners tend to think they have nothing worth
stealing. This makes them an easy target.

Chances are, you do have something that hackers want: customer payment
information. That brings me to my next point…

You Have Information That Hackers Want

Your business may not be as big as Target or Starbucks … but it doesn’t
matter. You do take payment for your products and services, right? That
means you have something that hackers want. You have your customers’
payment information. You have your employees’ information.

The Council of Better Business Bureaus found that 7.4 percent of small
business owners have been defrauded. As a business owner, you have customer
and employee information. This information is as valuable as gold to
hackers. If your system isn’t secure, these hackers could have access to
payment information and social security numbers. It’s your job to make sure
that this information is protected.

How to Protect Your Small Business Against A Cyber Attack

Okay, so I’ve showed you that being a small business doesn’t necessarily
mean that you can’t get hacked. But if you’re smart — and I know you are —
you’re probably wondering how you can protect your company’s information.
That’s what the next section of this post is about.

Get Cyber Security Insurance

Insurance! It’s not just for your car, house or medical bills. You can also
get insurance for your business. As a matter of fact, every company should
carry some type of business insurance.

But, there is also cyber security insurance. If you’re a small business,
you need this.

Sure, we all hope that security breaches won’t happen. But hope isn’t good
enough. You need to make sure your business is covered.

Cyber liability insurance is designed to protect your business from various
cyber security threats. If there is a security breach, and your company is
held liable, you may end up having to pay out tons of money in a lawsuit.
This can cripple most small businesses.

If you have cyber liability insurance, you won’t have to worry about this.
If you buy the right type of insurance, your legal costs will be covered.

Develop A Password Strategy

Many cyber security attacks happen because the passwords your employees use
are way too simple. If your team isn’t educated, it’s possible that they’re
using passwords that are way too easy to hack.

It happens all the time.

That’s why you need to implement an effective password strategy. You may
not be able to stop every single attack, but you can certainly slow down a
persistent hacker. If your system isn’t easy to hack, it could discourage
the attacker. They will move on to another small business owner who isn’t
as smart as you are!

Fortunately, this is pretty easy.

You should make sure that your team members are required to create
passwords that include a combination of uppercase and lowercase letters,
along with numbers and symbols. Yes, I know this might be a pain, but the
security your company will have is worth it. Also, you should require your
employees to reset their passwords at least once a month.

Use Virtual Data Rooms (VDR)

Virtual data rooms are a great way to keep your company’s information
secure. They make it easier for your employees to share sensitive data.

A virtual data room is an online repository where your company can store
data. They’re usually used with financial transactions. It’s very hard for
a hacker to get to information that is stored in a VDR.

There are many types of information that a company might store in a VDR:

Financial information
Legal documentation
Tax paperwork
Intellectual property information

VDR’s are a great way to ensure that your sensitive information is being
kept safe.

Speak With An Expert

Yes, I know you don’t want to do it. But you should. Paying an IT security
consultant might seem to be a little expensive. But it’s a great investment.

If your house sprung a leak and water was building up in your kitchen,
would you try to fix it yourself? Probably not. You would probably call a
plumber, right?

Why? Because if you’re like most of us, you don’t know the first thing
about plumbing. The same principle applies to IT security.

If you’re concerned about cyber security, you should consider speaking with
an IT security expert. An IT security consultant can take a look at your
business and determine the best course of action when it comes to
protecting it from cyber attacks.

An IT security consultant can identify areas where your company is
vulnerable to cyber attacks. They can make recommendations that will help
you keep your business safe. When it comes to cyber security, you can never
be too careful. If it’s in your budget, hire an expert. You’ll be glad you
did.

Beware Of Internal Threats

This may be a surprise, but most of the cyber security issues that happen
are the result of someone inside the company. It’s not something most
business owners want to think about, but it’s totally true.

Here’s a hard truth: 55 percent of all cyber attacks come from inside the
organization. 31.5 percent are done by malicious employees. 23.5 percent
are done by company insiders who mistakenly leave the company vulnerable to
an attack.

Protecting your company means looking within the organization. It’s easy to
assume that a cyber attack is going to come from an outside force. But it’s
not true. You have to focus on the people inside your company just as much
as people outside your company.

Make sure that you are keeping an eye on your authorization requirements.
Be careful when you’re deciding which employees should have access to
sensitive data. This will help you prevent “internal hacks.”

Don’t feel guilty for watching your employees’ activities; as the owner of
your business, it’s your duty to ensure that you and your team are being
protected. I get it. You don’t want to micromanage. The key is to find the
balance between being safe and being big brother. It’s different for every
company, but if you work at it, you will find that balance.

Summing It All Up

If you’re a small business owner, you need to take your cyber security
seriously. Don’t assume that your company isn’t a target just because
you’re not a big business.

You owe it to yourself, your employees and your customers to make sure that
your business is secure. Preventing cyber attacks should be one of your top
priorities. If you take the right steps, you won’t have to worry about
endangering your business.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170113/92b1aced/attachment.html>


More information about the BreachExchange mailing list