For businesses to survive in 2020 and beyond, they’ve had to adapt their business to the new reality – that even a small business in Northern Michigan can have customers in other continents and employees spread around the globe. Technology and broadband connectivity have opened up new markets and opportunities, and have driven new capabilities and efficiency. What small businesses may not appreciate, however, is the opportunity for harm, abuse, fraud and non-compliance in this new always on, always ready business environment we live in today.
What is Cyber?
Cybersecurity (Cyber) is a term that’s used so often it can be difficult to discern what it really means and why your company should care about it. So what is cyber and why should you care?
For businesses to survive in 2020 and beyond, they’ve had to adapt their business to the new reality – that even a small business in Northern Michigan can have customers in other continents and employees spread around the globe. Technology and broadband connectivity have opened up new markets and opportunities, and have driven new capabilities and efficiency.
What small businesses may not appreciate, however, is the opportunity for harm, abuse, fraud and non-compliance in this new always on, always ready business environment we live in today. What’s made cybersecurity even more challenging for small businesses right now, is the increased activity of attacks during the Covid-19 pandemic. Depending on the industry, email and mobile phishing attacks have increased anywhere from 25% to 150% based on the same timeframe 1 year ago, and some of the attacks are VERY convincing. Criminals know that people are uncomfortable and are looking for guidance, and they prey on those individuals.
The Small Business Challenge
According to the 2020 Verizon Data Breach Investigations Report, 28% of breaches involved small business victims. Unfortunately, the 2020 reality is that small businesses that encounter any type of breach are viewed as unreliable and risky partners. That should be enough to convince all small business owners that cybersecurity is not something to be taken lightly.
Businesses need a cybersecurity strategy to protect not only their business, but to protect the data security and privacy of their customers as well. Though many small businesses leverage IT service providers for support, those providers often lack the cybersecurity expertise to be able to accurately assess the organization’s cybersecurity risk, develop a comprehensive program and monitor that program over time.
Small businesses need someone with expertise in cybersecurity to manage the program day-to-day and ensure that when there are changes in business activities or external threats (like the need for all staff to work remotely), the cybersecurity program is adapted to manage the new reality. For example, during our Covid-19 pandemic when so many employees are working from home and have a reduced ability to quickly ask a colleague or IT for guidance, companies should be focusing prevention efforts on educating users to identify and report potential email and mobile threats.
Eight Core Cybersecurity Practices for Every Small Business
Fortunately, managing cybersecurity for a small business doesn’t take the amount of resources needed at large organizations. There are core functions that require focus, such as email security, laptop security, managing remote access and educating staff. There are organizations that can manage your cybersecurity program for you, but even if you choose to handle it yourself, it can be manageable.
SBAM has partnered with Data Protection Partners, an SBAM VIP member and Certified Small Business in Michigan, to develop these eight Cybersecurity Practices for Every Small Business to help guide you in managing cybersecurity risk. Most small businesses can significantly reduce their cyber risk by focusing on eight key practices. Those practices and a brief synopsis of each are below.
- Use Secure Devices – Secure your computers, tablets and smartphones
- Secure Your Connection –Use secure networks and use secure remote access methods
- Secure Your Email –Use the security features of Office 365 and/or G Suite
- Use Strong Authentication –Use 2-factor authentication whenever possible
- Control Access –Make sure access is only given to those with a legitimate business need
- Train Your Workforce –Educate staff on secure computing practices
- Be Ready for the Worst – Have contingency plans ready and test them
- Monitor Compliance – Make sure you know and follow your regulatory obligations
SBAM Advice: Be Formidable
When it comes to cybersecurity, we want all SBAM members to be formidable defenders against cyber threats. By following these cybersecurity practices, we are confident you can significantly reduce your organization’s cybersecurity risk.
As your trusted resource, SBAM provides guidance on cybersecurity practices for small business, and can raise your awareness of SBAM-member companies specifically offering cybersecurity support for small business. Please click here to read more about cybersecurity practices.
Article provided by: Data Protection Partners www.datapropartners.com / firstname.lastname@example.org.