Cybersecurity Practices That Protect Your Small Business Entrepreneurs think lack of customers, bad service and limited capital are what causes bankruptcy. Try being a victim of cybercrime.
Opinions expressed by Entrepreneur contributors are their own.
Success instills pride. Unfortunately, valuable possessions also attract thieves. Entrepreneurs think lack of customers, bad service and limited capital are what causes bankruptcy. Try being a victim of cyber crime.
The National Cyber Security Alliance found that 60 percent of companies that are victims of a cyber attack go out of business within six months. The average loss is $200,000, according to a 2019 report by insurance carrier Hiscox. That's a hefty sum for startups, most of which are already reeling from the virus outbreak. Currently, 15 percent of small businesses do not expect to survive the recession, which means a cyber attack would have devastating consequences.
Here are cybersecurity practices that protect your business.
Train staff on security protocols
While big companies get all the media attention, hackers also exploit smaller organizations. It's partly because criminals know that small firms have less resources to devote to IT security. A 2019 Accenture study found that 43 percent of cyber attacks are aimed at small businesses but only 14 percent are prepared to defend themselves. A different McAfee study found that only 30 percent of employees receive annual cybersecurity training.
Because startups have leaner budgets, it's essential to implement the right security protocols that mitigate most of the risk. Employee training should be at the top of the list. Knowledgeable workers make it difficult for con artists to gain unauthorized access to networks, files and bank information. Business owners or a security expert should teach personnel to regularly backup data; update software; avoid suspicious websites and links; and ignore or report unsolicited requests.
Through training, staff will know to use multi-factor authentication on devices and accounts. Finally, trained employees reduce the risk of social hacking, where criminals pose as legitimate customers or vendors to retrieve sensitive info. Entrepreneurs and owners should keep themselves aware of ongoing threats.
Make your devices and platforms hacker-proof
Fraudsters have stolen $24 million worth of Bitcoin in the first half of 2020, according to analytics firm Whale Alert. That's a small amount in the grand scheme of things, but cryptocurrency theft has gained prominence since the recent hacking of Twitter accounts belonging to Bill Gates, Barack Obama, Elon Musk and other VIPs. Thus, cyber crime also harms billion-dollar reputations and credibility in addition to victims' wallets.
In the Twitter hack, criminals stole cryptocurrencies by posting wallet addresses on celebrity accounts and by asking for donations supposedly for charitable causes. On YouTube and other social platforms, scammers posted advertisements falsely claiming that billionaire Musk was giving away 5,000 bitcoins. According to Whale Alert, such scams can earn criminals more than $130,000 per day.
"Theft of digital funds will continue to increase because scammers are using sophisticated methods to access devices, emails, social profiles, keyboard strokes and even two-factor authentication codes," says Ruben Merre, CEO of blockchain security firm NGRAVE. "With overall adoption growing, more funds are flowing into the space and therefore the appeal to engage in scamming practices increases as well. In certain situations, it's better to store valuable items off the grid and to minimize online connection possibilities as these are all potential attack vectors for hackers or scammers."
So how do criminals steal multi-factor codes? They can swap a phone's SIM card, or install malware that tracks a device's keystrokes and/or monitor an electronic screen. Hackers have also falsely described apps as having coronavirus-related functions in order to trick users into downloading malware. Criminals have recently targeted hospitals because their need to quickly access COVID-19 data makes it more likely they'll pay ransom when that data becomes inaccessible.
Install anti-virus and anti-malware software
As mentioned, small businesses have limited budgets and often lack IT expertise and resources. Low-cost solutions that have major impact is the way to go.
Entrepreneurs should install the latest anti-virus and anti-malware software that find and identify threats. You can also turn on Microsoft and Google security features such as firewalls, browser checkup and file encryption to protect data. Encryption makes data useless to unauthorized individuals, and fraudsters are more inclined to target potential victims that offer less resistance.
Finally, your software and operating system should be kept up-to-date. Run a full scan weekly. Another inexpensive solution is a virtual private network (VPN). A VPN hides your IP address so you can surf the web anonymously. It's harder for criminals to hack your hardware or accounts if they can't track you. And delete all those unnecessary apps and software that are clogging your phone and laptop.
Crime is evolving, and business owners should adapt to the risks they face.