By Brandon Vogel
When you hear the term “cyber-attack,” the mental image that most readily comes to mind is a big corporation having to conduct damage control after a security breach exposes millions of its customers’ personal information. However, although these are the most visible cases of cyber-attacks, data breaches affect companies of all sizes, and small businesses are often at greater risk.
According to Forbes, cybercrime costs are projected to reach $2 trillion by 2019, and Microsoft reports that 20% of small to mid-sized businesses have been cyber crime targets. In a House of Representatives hearing entitled “Small Business, Big Threat: Protecting Small Businesses from Cyber Attacks,” it was reported that 71% of cyber-attacks occur at businesses with fewer than 100 employees.
While small businesses and entrepreneurs may be tempted think their information is not worth stealing, view data protection as a burdensome expense or maintain the mindset that data security as “someone else’s problem,” cyber security should be priority number one for entrepreneurs. Changing data storage practices, i.e. moving from on-site to cloud storage, combined with neglectful cyber security practices, have caused hackers to learn that small businesses are easy targets.
Do not let your small business be the next data breach failure story. Here are five steps that you can take to ensure your data is protected:
- Educate yourself on evolving threats
The best step you can take to protecting your information is preparedness—take the time to learn about the internal and external vulnerabilities that affect businesses, and try to identify points of weakness. Also, educate yourself on the various cyber fraud schemes (phishing, malware, system hacking, etc.).
- Create a comprehensive company security policy
Develop comprehensive data security protocols, and be sure that the policies permeate throughout the entire organization, especially with your employees, who are the first line of defense against cyber-attacks.
- Make the call
Verify financial requests by phone. This two-step verification process will add another layer of security to your financial transactions.
- Update your software
As annoying as those software update notifications can be, it is essential that you keep your anti-virus software and security applications current—they help guard your infrastructure from the latest threats.
- Create an incident response plan and practice it
Your incident response plan should be like a fire drill—practiced repeatedly so everyone, specifically your employees, know what to do in case of an emergency. Collective accountability can be the first line of defense.
An additional resource to help educate yourself is the book “Hacked Again” by Scott Schober, a New Jersey small businessman who suffered two online robberies committed by cyber thieves. Schober’s book helps inform readers on basic computer systems and contains a cybersecurity glossary featuring eighty-six need-to-know terms.
Cyber security is everyone’s responsibility.