As 2020 approaches, small and mid-size businesses (SMBs) must start taking cybersecurity more seriously.
According to a recent report released by Verizon Data Breach Investigations, nearly a third of cyberattack victims in 2018 were on businesses and organizations that had fewer than 250 workers — small and mid-size businesses.
The problem for many of these businesses is that they don’t know where to start where cybersecurity is concerned. While the headlines are filled with warnings about cybersecurity attacks, including ransomware attacks, viruses, Trojan horses, and more, these articles often say little about what small and mid-level businesses can do to protect themselves.
Below, we’ll attempt to correct this omission by providing small businesses with the top three cybersecurity considerations they should be thinking about in the new year.
The Top 3 Cybersecurity Considerations for Small and Mid-Size Businesses in 2020
1. Employee Training
Says Matt Mercier of Acapella Technologies:
“[Some of the] greatest vulnerabilities in your infrastructure are not devices, but people. Be certain that awareness of cybersecurity is high within your company. Urge your employees to check and recheck before they click aby links in emails or on websites. When in doubt, don’t click. Consider cybersecurity training, penetration testing, and phishing training for your staff.”
This couldn’t be more correct. While many companies assume that their best defence against cyberattacks will come in the form of anti-virus software and firewalls, the truth is that it comes down to how well your employees are trained in noting day-to-day business anomalies, including possible phishing emails and/or phone calls.
2. Better Backups
Says Samantha Motz of Motz Technologies LLC:
“No matter how much training and security you put in place, no system is impervious to attack. People make mistakes, and security systems can’t catch everything. Having a good backup in place can make the difference between quickly recovering from a breach and spending weeks or months painstakingly re-creating data if that’s even possible.”
Working with a high-quality IT services company can help you come up with a solid backup plan. Backups must be carried out regularly to stay up-to-date, but they also must be stored in such a manner that they cannot be accessed by the same cybercriminals who are attempting to scam you in other ways. The purpose of a strong backup system is to be able to recover quickly and fully after a cyberattack.
3. Virus Protection
While better employee training should certainly be the first thing on your cybersecurity list, there are some instances in which a security breach won’t be the fault of any person. Viruses and other malware can infiltrate your systems and networks without having to go through an individual, and this is where virus protection and the importance of top-notch antivirus software comes in.
A Final Suggestion for Small Business Owners and Managers
When surveyed about the top considerations small businesses should have in regards to cybersecurity, there was an additional consideration that many IT professionals stressed: There needs to be more aware of the threat of cybercrime from business owners and management.
The truth of the matter is that when business owners and managers understand the immense threat that cybercrime has on their organizations, this is the only time constructive cybercrime prevention takes place. Jorge Rojas of Tektonic Inc. noted:
“In our experience, [it] looks like [many SMBs] feel they are immune to cybersecurity threats. Statements like, ‘We are too small,’ ‘We have nothing to hide,’ [and] ‘Who would be interested in us?’ are a common theme.”
These mentalities are dangerous. The truth is that cybercriminals do target small businesses, often for the very reason that businesses think they won’t be targeted — because they don’t have the right security protocols in place or any at all.
Nathan Maxwell of CCI backs this up:
“SMBs are content to only change when things are on fire … cybersecurity usually receives little more than lip service. Money and staffing don’t back up the talk. Budgets are tight, and getting a product out the door is the highest priority.”
It’s crucial to be smart with your business’s security. Invest in a cybersecurity plan that will protect your company in the event of a security breach. If you are unsure where to start, it’s always constructive to speak with an IT services company. Managed IT services will take the worry off your shoulders and ensure that you are protected in the event of a serious security breach.