Everybody’s warning small business owners. The media, local businesses like yours, investors and lenders want you to gear up for a cyber assault, big or small. CNBC reports, “A survey of small-business owners by Nationwide found only 13 percent of respondents believed they had experienced a cyberattack. However, when owners were shown a list of specific examples of attacks, including phishing, viruses, and ransomware, the figure of those reporting attacks increased to 58 percent.”
USA Today indicates:
- “Cyberattacks cost small businesses between $84,000 and $148,000.
- 60% of small businesses go out of business within six months of an attack.
- 90% of small businesses don’t use any data protection at all for company and customer information.”
SmallBizTrends warns, “the need for improved cybersecurity has increased following a recent spike in cyber attacks. Data from 2018 indicates 43 percent of cyber attacks target small businesses. The threats are growing and changing as quickly as online technology.”
So, how does a small business owner avoid the financial impact of cybersecurity attacks? Before a business opens its doors, a small business owner must invest in security. Why? Among other issues, you probably have some unique intellectual property that needs safekeeping. Beyond that, every business transaction creates data of interest to cybercriminals. This data includes personal information on every employee, financial records and accounts, customer files and transactions and much more.
How Do You Protect Your Business?
The reality is that criminals can hack and ransom the biggest corporations in the world. Fortunately, there are a number of things you can do to protect yourself including:
- Create physical security to backup and store data in theft-resistant cabinets and vaults.
- Test your firewalls, data security systems, and backup procedures.
- Invest in the best software and security programs.
- Establish and enforce consistent employee procedures to eliminate invasive attachments, clean their own devices and respond to threats.
- Move everything you can to the cloud.
- Create a data breach disaster plan for employee action, customer notification, and cyber repair.
- Dedicate one computer for online financial transactions.
- Educate employees as they come on board and with regular meetings thereafter. They must know the nature, impact, and correction of threats.
- Encrypt all data, sensitive and otherwise.
- Secure and implement two-factor identity verification.
- Buy cyber liability insurance.
Get Free Help Where You Can
There are scores of free and helpful tools to protect your small business against cyberattacks. The following is not an endorsement so much as a recommendation to research more opportunities:
- Secure your smartphones with antivirus apps and add-ons available through Apple and/or Android stores.
- Free ransomware programs are available through Avast, Bitdefender, Kaspersky, and Trend.
- Free antivirus protection is offered by Avast, AVG, Bitdefender, Check Point ZoneAlarm and Kaspersky.
- Symantec Norton Identity Vaults, LastPass, Myki Password Management Suite, and EnPass Password Manager are free password storage and/or finder tools.
- Malware Anti-Virus leads the list of free anti-malware tools, including SpyBot Search & Destroy and Emsisoft Emergency Kit.
- Free tools, like BitChat, VeraCrypt, OpenPGP protocol, and AxCrypt will encrypt emails, Instagrams, peer-to-peer messages and other transactions.
These defenses and more are available for free, open-source programs offered for the benefit of the Internet at large. But, the average small business owner needs the advice of an IT professional to assemble and execute a strategic approach to the threats your business faces.
Get What You Need From The SBA
The Small Business Administration (SBA) offers much assistance to small business owners.
- The Department of Homeland Security established a Critical Infrastructure Cyber Community (C3) Voluntary Program to educates owners about cybersecurity.
- The Federal Communications Commission (FCC) produced a Small Biz Cyber Planner.
- Cyber Security for Small Business is an online course in protecting information and networks.
- Cyber Resilience Review (CRR) will assess your technology vulnerability and resilience.
- The Federal Trade Commission (FTC) provides a downloadable Start with Security: A Guide for Business, videos and more.
- Homeland Security provides Cybersecurity Advisors (CSAs), regionally-located IT consultants who help businesses plan and execute their security solutions.
In the event of a breach, your small business must be prepared to:
- Act immediately with your cybersecurity response team. You need the structure and planning to respond as if the business had burned to the ground.
- Do what you can to contain the problem. Let your IT people isolate and quarantine the problem.
- Share the news with every affected group. Identify your problem in clear language that explains what the users must do in their own interest and what you are doing to solve the issue.
How To Avoid Cyberattacks
It’s just a matter of time before cybercriminals attack your small business. The damage may come from inside or outside, but the impact is real and sometimes fatal. Any company, especially those doing business with the government, needs an operational and strategic plan for avoiding cybersecurity attacks, containing their damage and repairing the damage done. It’s never too early to plan and to continue to learn, as well as update your defenses.