Since the start of the COVID-19 pandemic, small businesses have quickly embraced remote working and transitioned to new technologies such as contactless payments and online ordering. Unfortunately, these adjustments come with increased risks. According to a 2022 report by Barracuda, a cloud and network security company, small businesses with fewer than 100 employees receive 350% more social engineering attacks, such as phishing, scamming or email compromise, than larger businesses.
Compared to large companies, many small businesses have fewer resources to dedicate to cyber security, making them vulnerable to the ever-evolving tactics of cybercriminals. And dealing with the consequences of a cyberattack can be seriously damaging to a business’s bottom line, costing about $25,000 a year.
Learn how to protect your small business from cyberattacks with these four tips.
1. Evaluate Your Online System
Before you can effectively secure your business from cyber threats, you must have a thorough understanding of your current ecosystem of online computer operations. You may ask: “What do we do on any machine connected to the Internet?” Andrew Lipton, vice president, head of cyber claims, AmTrust Financial Services, a small-business insurance company.
Business owners should understand where their data resides and categorize what types of data they store – for example, names, addresses, Social Security numbers.
Lipton suggests reaching out to a legal expert, especially if you’re handling sensitive information like Social Security or credit card numbers, to get a better understanding of the consequences of a data breach and to get a professional opinion about how to protect your data. can do
Then, you’re in a good position to talk to your Internet service provider to find out the best way to secure your most important information.
2. Implement Cyber Security Best Practices
Even without the firepower of large companies, small businesses can create a defense that discourages cybercriminals from carrying out their attacks, said Najma Sultana by email. Sultana is the Chief Security Officer at Veeam, a global payments provider for small businesses.
As a business owner, you can implement basic safety and hygiene practices, such as:
– Installing firewalls to prevent unauthorized access to your network.
— Using antivirus software and ensuring that it is updated regularly.
— Backing up data regularly and storing it offline or somewhere else, not just in the cloud.
– Creating strong passwords and not using the same password across different accounts.
— Requires multifactor authentication, which asks for two identifying factors, such as a password and a code, to access accounts and systems.
Some of these security features may already be at your disposal. “Many applications and software your company already uses will have built-in security features, but they won’t be turned on by default,” Lauren Winchester, vice president of risk and response at Corvus Insurance, said by email.
You can enable these features to quickly and easily add an extra layer of security to your business.
3. Train Your Employees—and Yourself
You and your employees are often the first line of defense to protect your business from cyberattacks. In fact, according to the 2022 Global Risks Report by the World Economic Forum, 95% of cyber security issues can be traced back to human error.
Getting basic cybersecurity training can help you and your employees identify common threats such as phishing emails or suspicious downloads, as well as develop online best practices such as safe browsing and strong passwords.
And with employees working remotely or in different office locations, it’s especially important for your business to create and review cybersecurity policies, including security guidelines and what to do in the event of a data breach.
Federal Communications Commission Offers a Free Online Tool To help you create a customized cyber security plan based on your specific business needs. Free virtual and personal cybersecurity training programs available from the US Small Business Administration and its partners, Your Internet system and cyber insurance provider may also offer this type of training.
4. Investing in Cyber Security Insurance
cyber security insurance Can help protect your business from financial losses caused by incidents such as data breaches, ransomware attacks and hacking.
If, for example, your point-of-sale system is hacked and hackers release your customers’ stored credit card information, this policy is to notify your customers, investigate incidents, and provide credit monitoring services. will cover the cost of It will also cover legal fees or settlements if a customer sues your business as a result of the incident.
The best cyber insurance carriers on the market today are more than a backstop for financial losses, says Lipton of AmTrust Financial Services. These insurance companies will not only provide a comprehensive policy, but will also help evaluate your system, offer advice on how to better protect your data, and connect you with additional security partners or vendors in your network.
Look for a carrier that has volunteered to be your partner in cybersecurity strategy, Lipton says. Insurance is “an important component of a cybersecurity strategy, but it is just one piece.”
This article was provided by personal finance website NerdWallet to the Associated Press. Randa Chris is a writer at NerdWallet. Email: [email protected]
NerdWallet: Cyber Security Insurance: What It Is, Which Businesses Need It https://bit.ly/nerdwallet-cybersecurity-insurance
FCC.gov: Cyberplanner https://www.fcc.gov/cyberplanner
SBA.gov: Find Cyber Security Program https://www.sba.gov/events/find?dateRange=all&distance=200&q=cybersecurity&pageNumber=1