I recently wrote in this column about the rise of ransomware, in which hackers hold your business data for ransom, but that's not the only threat to your small businesses’ cybersecurity.
Cyberattacks of all types are on the rise, according to the 2017 Annual Cybersecurity Report from Cisco, and when businesses get hacked, they stand to lose much more than just money.
How are cyber crooks getting in?
While highly complex cyberattacks are increasing, the Cisco report notes that “classic” attacks are on the rise as well. For example, adware that gathers information about a user’s computer without telling them and malicious spam emails are common attack methods. In fact, spam is flying at levels not seen since 2010. According to the report, almost two-thirds (65 percent) of all email is spam, and 8 percent to 10 percent of spam is malicious.
Another risk for businesses is when employees select and use their own third-party cloud apps on company computers. Respondents to the survey say 27 percent of employee-introduced cloud apps led to “significant” security issues for their companies.
What do you stand to lose?
Of course, money is at stake in any cyberattack—but businesses, especially small ones, often lose much more than that. Security breaches can affect all aspects of a targeted company, from its operations and finance to its brand reputation and customer loyalty.
More than half of the businesses surveyed that had their data breached were subjected to public scrutiny as a result.
They also suffered some measurable losses:
- 29 percent of businesses that were breached lost revenue; 38 percent of those lost more than 20 percent of their revenues.
- 23 percent of businesses lost business opportunities after a cyberattack; 42 percent of those lost more than 20 percent of their potential new business.
- 22 percent of businesses that suffered a cyberattack lost customers; 40 percent of those lost more than 20 percent of their customers.
How can you protect your business from a cyberattack?
Keeping your small business safe from cybercrime requires constant vigilance to stay on top of new threats. The task may seem so daunting you’re tempted not to bother—but as the figures above show, no small business owner can afford to take that risk.
Here's what you need to do to protect your business from cyberattacks.
- Develop cybersecurity practices for your business, including both technical and behavioral protections.
- Guard your systems with firewalls, antivirus software and automatic updates of operating systems and software.
- Regularly test the security of your systems. Cybercriminals never rest, and neither can you.
- Make your employees your first line of defense. Educate employees on the importance of following your cybersecurity policies, such as changing passwords frequently, not opening suspicious emails and not downloading software or connecting to unauthorized cloud services on company computers. Enforce consequences for not following the policies.
- Identify common methods that cybercriminals use. Emails that appear to be from someone within the company or spam emails with unusual attachments or hyperlinks are things to watch out for.
- Always back up your data in case of an emergency, and choose a backup system that lets you restore your lost data quickly.
The most important step in protecting your business from cybercrime is taking cybersecurity seriously. As the leader of your business, you need to model the behavior you want your employees to follow when it comes to keeping your business data and networks safe from intruders. Devote time, effort and a chunk of your budget to cybersecurity, and your employees will see that you mean business when it comes to protecting your business.
Do you need help assessing your company’s security readiness and updating your cybersecurity practices? The experts at SCORE are here to help. Visit SCORE to find a mentor today, and get advice and consulting for free.