Join our Waitlist for Expert Advice!

The Major Security Risks Small Businesses Face and How to Defend Against Them Just because you are flying under the radar, doesn't mean cyber attackers won't target you. Hear from experts on how to keep your business safe.

By Andrea Huspeni

Opinions expressed by Entrepreneur contributors are their own.

Shutterstock

No business is completely safe from security vulnerabilities. Just look at Target, Home Depot and TJ Maxx. While these well-known companies may seem like a more attractive target for hackers, the businesses flying under the radar face the same, if not more, threats from cyber attackers looking to cause mayhem in a company.

To help small- and midsize-businesses stay protected, we asked tech experts what the biggest security risk these companies face and how they can defend against them.

Here is what they had to say:

Cyber attackers don't discriminate.

Small and midsize businesses often make a philosophical mistake right off the bat: They assume they are too small to be relevant to hackers. I can promise you that cyber attackers believe in equal opportunity for targets.

Related: Here's How to Build a Strong Security Team to Keep Your Company Safe and Sound

So while larger companies often opt for corporate-owned devices, there are many products available on a per-seat basis that will work to secure proprietary data even when accessed by personally-owned devices. This is where SMBs need to focus: on the protection of their data. Even if your strategy is not as comprehensive (or expensive) as those in place at a federal agency or a massive corporation, building roadblocks on the way to exposed plaintext information is a necessary tactic to discourage hackers. Otherwise you're an easy mark.

-- Ray Potter, CEO of SafeLogic, a company providing security, encryption and FIPS validation products to applications

Security flaws are everywhere.

Right now a lot of the challenges arise from how networked and interconnected the modern marketplace is. Social media is a great example of a technology and business advancement that has brought businesses closer to customers and clients while also increasing business risk.

As employees engage in sales and networking across social networks, new pathways into the business open up and cyber criminals know how to exploit them. One of the most effective actions businesses can take to reduce the risks that come from our interconnected marketplace is to provide knowledge. Many users do not understand how cyber criminals leverage social tools and technologies to gain access to businesses and their data. A simple weekly update from IT on threats and how to avoid them is an important way to ensure your user base is well informed and avoiding risky online activity. It empowers your employees to be accountable for security, and incorporates them into your security solution.

-- Anna Frazzetto, Chief Digital Technology Officer and SVP at Harvey Nash, an IT recruiting firm

It comes back to the data.

Protecting sensitive data from hackers should be the top priority for businesses of all sizes. These threats can come in the form of phishing and malware that seek to infiltrate the corporate network, endpoints and the cloud applications employees use. To mitigate against these threats:

  • Update patches as they become available
  • Use security products that protect the entire IT stack – the device, operating system, application, network, cloud and data layers
  • Train employees to have security awareness

-- Pravin Kothari, founder and CEO of CipherCloud, an enterprise cloud security company

Related: 7 Cybersecurity Layers Every Entrepreneur Needs to Understand

People are a liability.

People remain the biggest security risk to any sized organization, including SMBs. As threats become more sophisticated, even careful employees may find themselves victims of phishing or accidentally opening attachments with viruses. The best defense is ensuring that staff get consistent education to keep security at the top of mind. Security training for all employees really should start on day one.

The other large issue I see is organizations maintaining a legacy security posture, or original security plan. It's not enough to configure the firewall and walk away. Every organization should consider bringing in a third party to get a vulnerability assessment. Even if you have a dedicated security team, a second set of eyeballs will help identify risks and start working towards remediation.

-- Cortney Thompson, Chief Technology Officer of Green House Data, an environmentally conscious data center service

Imbalance in security.

The fastest growing threat are sophisticated phishing attacks, which, when not identified and stopped promptly, can lead to a loss of business.

Business needs to be smart about balancing in-house security resources and building a strong team, while also leveraging third-party security services. There are a number of third-party security services, many of them are SaaS based, that don't require investments in hardware and are generally easier to deploy.

Related: Why Small-Business Entrepreneurs Should Care About Cybersecurity

Perhaps the most important thing is to treat security threats seriously and to proactively assess your security measures. Many companies don't take security seriously enough until something bad happens. It is generally a lot more expensive to clean up after a security breach, than addressing it proactively.

-- Arne Josefsberg, Chief Information Officer of GoDaddy, an Internet domain registrar and web hosting company

Andrea Huspeni

Founder of This Dog's Life

Andrea Huspeni is the former special projects director at Entrepreneur.com and the founder of This Dog's Life.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Business News

You Have One Month Left to Buy a House, According to Barbara Corcoran. Here's Why.

"If you are planning on waiting a year and seeing where interest rates go, you are out of your mind," Corcoran said.

Business Solutions

Cut Costs, Not Features with This Microsoft Bundle Deal

You get Office, Windows, Project, and Visio for $72.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Data & Recovery

Protect Your Business Data Without Sacrificing Privacy With Koofr Cloud Storage on Sale

Get 1TB of lifetime storage for your business with no recurring fees or data tracking.

Franchise

The McRib Is Back, But Only at Select McDonald's — Here's Where to Find It

This scarcity is nothing new. In 2022, McDonald's announced a "Farewell Tour" for the McRib, suggesting that it might be the last time customers could get their hands on it.

Side Hustle

I Made $14,000 in 1 Week With a Spontaneous Halloween Costume Side Hustle — Here's How

Sabba Keynejad was in art school when he started to refine his entrepreneurial skills.