The 10 most dangerous mistakes entrepreneurs and small businesses make about their security
Click here [audio] if you prefer to listen the relevant episode.
Download the Free checklist “COVER YOUR PROTECTION BASES”.
Mistake #1 Believing a cyber-attack will never affect you
According to recent statistics from IBM 62 out of 100 attacks are hitting small and medium size businesses. In terms of numbers this is about 4000 attacks per day. Based on those facts it is not about if but when you will be hit by a cyber-attack.
Mistake #2 Not covering even the basics
Based on my experience entrepreneurs and small businesses are not considering security for many factors. It could be due to the lack of awareness or budget issues, but security just does not exist in your business plan. Yet that mentality can get you into serious trouble. Most of the time even basic things like an antivirus can make a huge difference for your security levels and can dramatically decrease your threat levels.
Mistake #3 Lack of secure habits
Ok this is not something that only entrepreneurs and small businesses suffer from. Even in big corporations they lack these extremely valuable habits, but for a completely different reason. The focus of this episode is on the entrepreneurs and small businesses, who are generally subjected to mass attacks and suffer severe damages if they do not have their basics covered and have not established the right behaviors. Overall, your team’s and your behavior and habits have the power to trigger an attack or help you avoid it. It’s that simple and it is the number one skill you can invest in protection. No matter how sophisticated is an attack, if you do not click the link in the email or you have strong passwords, you are not an enabler of the attack)! You get my point.
Mistake #4: Working from dangerous places
Entrepreneurs especially have this habit of working from coffee shops or anywhere else they can find public Wi-Fi. Unfortunately, these locations attract hackers which can damage your work devices and steal your personal and business information.
Mistake #5 Have no boundaries between personal and business life
Yes, this is not only bad for your productivity, but is also unsafe for you. For example, having potential clients over at your house, among other things, poses a physical security threat for you and your family. You never know who is really interested in your services or you personally and whether they are playing a role of a potential client to collect more information about you.
Want a little help? Download the Free checklist “COVER YOUR PROTECTION BASES”.
Mistake #6 Social Media Oversharing
Social media is a great channel for entrepreneurs and small businesses to market their work for two reasons: cost, which is relatively low in comparison to other promotional tactics, and the number of people they can reach simultaneously across the globe. However, social media comes with a huge danger for you personally and professionally if you do not know what and how to share. For example, a very clear mistake I often see is listing your personal address, which is the same as your business address on your profile. You are setting yourself up for identity theft. Another example is announcing when you will be on holidays or mixing your real friends with your clients and, in general, with anyone who sends you a friend request. You will be surprised how much information that you post online can damage you. It is not possible to analyze all the mistakes you make on social media in this episode, as this topic relates to the connection between various types of data. What I want you to take away from this, is that you can learn how to use social media networks as a marketing tool to your advantage instead of allowing them to be used against you!
Mistake #7 Leaking data everywhere
One of the worst habits I have seen is saving your data anywhere without any critical evaluation; let alone security evaluation of the potential for its damage. This usually happens due to inability to differentiate between the types of the data you have. Keeping vital information of your business or your clients in Dropbox, Google Drive or other cloud services is a no-no. Another dangerous behavior is keeping the passwords to all of your accounts within cloud services. Please, if you do, remove them immediately. I know it seems convenient, but it is not worth the risk. Besides, there are other convenient ways to keep your passwords safe without compromising your business.
Mistake #8 Not knowing the impact of an attack
The impact of a cyber-attack can range from legal suits to client loss, to closing your business. I will just let the numbers talk giving you the true picture. 6 out of 10 companies, which suffer a cyber-attack, are out of business within 6 months according to the US National Cyber Security Association.
Mistake #9 Having outdated and dusted systems
Obviously I am not referring to dust in a literal way. Having old systems that are outdated is a very serious threat for your business. When an operating system is not supported anymore it is time to replace it with a new one. Same goes for software, always keep your software and devices updated.
Mistake #10 Not knowing that the cost of protecting your business is just a fraction of the cost of an attack
The average cost of an attack to small and medium size business is $100 000 of which $68 000 are not recoverable according to the European Cyber Security Organization. There is no security solution that would cost you that much! More importantly, this amount doesn’t even include the long-term costs of losing clients and legal suits against you especially considering the new laws which will be applied this year.
Apply what you learn immediately. Download the Free checklist “COVER YOUR PROTECTION BASES”.
And now I would love to hear from you. From the 10 mistakes we talked about which one is most important and urgent for you to focus on right now. Let’s talk about it in the comments below.
Lack of secure habits is the number 1 cause of a cyber-attack.
Related Posts:
Passwords: When the Rules are not working anymore make new ones!
Passwords. You know how to? Statistics say you don’t!
Password day 2017! Tips OR Solution? Your choice.
PS. For exclusive content you can JOIN SECURITY INNER CIRCLE.
About Yiota Nicolaidou
Yiota Nicolaidou is on a mission to eliminate terrorist and information security attacks (both cyber and physical) on businesses, by demystifying their security and simplifying their protection. Yiota is a former Communications Affairs Attaché for the Cyprus government, a Safety Critical Infrastructures adviser and Director of Regional Control Center of Operations for the Cyprus Civil Defence, information security analyst & strategist for the Cyprus Cyber Security Organization (CyCSO) NPO, an ambassador and correspondent for the Olbios Network for Action and finally, the founder of Secure World Vision, an international company enabling businesses to protect their valuable assets. Trained in Safety Critical Systems and Highly Classified Information, Yiota was the star pupil and mentee of Professor Dhiraj Pradhan, an ACM award winner and adviser, amongst others to NASA. Her academic qualifications include a degree in Hardware Design, a master’s in Advanced Microelectronic Systems Engineering with further specialisation in fault tolerance, hardware security, usable security & human brain functionality. Yiota’s expertise has been sought out by top semiconductor companies, Boeing, the European Space Agency, Europol, and governmental agencies fighting cyber-terrorism; she has also undertaken government-based safety critical infrastructure re-design related to public protection and the state. Yiota focuses her training model on holistic security, strategy and mental behavioural models. She also helps non-profit organisations by supplying them with the required technological tools.Featured as a female role model in Cyprus.
You can learn more at https://www.yiotanicolaidou.com and https://www.secureworldvision.com
