Get All Access for $5/mo

The Major Security Risks Small Businesses Face and How to Defend Against Them Just because you are flying under the radar, doesn't mean cyber attackers won't target you. Hear from experts on how to keep your business safe.

By Andrea Huspeni

Opinions expressed by Entrepreneur contributors are their own.

Shutterstock

No business is completely safe from security vulnerabilities. Just look at Target, Home Depot and TJ Maxx. While these well-known companies may seem like a more attractive target for hackers, the businesses flying under the radar face the same, if not more, threats from cyber attackers looking to cause mayhem in a company.

To help small- and midsize-businesses stay protected, we asked tech experts what the biggest security risk these companies face and how they can defend against them.

Here is what they had to say:

Cyber attackers don't discriminate.

Small and midsize businesses often make a philosophical mistake right off the bat: They assume they are too small to be relevant to hackers. I can promise you that cyber attackers believe in equal opportunity for targets.

Related: Here's How to Build a Strong Security Team to Keep Your Company Safe and Sound

So while larger companies often opt for corporate-owned devices, there are many products available on a per-seat basis that will work to secure proprietary data even when accessed by personally-owned devices. This is where SMBs need to focus: on the protection of their data. Even if your strategy is not as comprehensive (or expensive) as those in place at a federal agency or a massive corporation, building roadblocks on the way to exposed plaintext information is a necessary tactic to discourage hackers. Otherwise you're an easy mark.

-- Ray Potter, CEO of SafeLogic, a company providing security, encryption and FIPS validation products to applications

Security flaws are everywhere.

Right now a lot of the challenges arise from how networked and interconnected the modern marketplace is. Social media is a great example of a technology and business advancement that has brought businesses closer to customers and clients while also increasing business risk.

As employees engage in sales and networking across social networks, new pathways into the business open up and cyber criminals know how to exploit them. One of the most effective actions businesses can take to reduce the risks that come from our interconnected marketplace is to provide knowledge. Many users do not understand how cyber criminals leverage social tools and technologies to gain access to businesses and their data. A simple weekly update from IT on threats and how to avoid them is an important way to ensure your user base is well informed and avoiding risky online activity. It empowers your employees to be accountable for security, and incorporates them into your security solution.

-- Anna Frazzetto, Chief Digital Technology Officer and SVP at Harvey Nash, an IT recruiting firm

It comes back to the data.

Protecting sensitive data from hackers should be the top priority for businesses of all sizes. These threats can come in the form of phishing and malware that seek to infiltrate the corporate network, endpoints and the cloud applications employees use. To mitigate against these threats:

  • Update patches as they become available
  • Use security products that protect the entire IT stack – the device, operating system, application, network, cloud and data layers
  • Train employees to have security awareness

-- Pravin Kothari, founder and CEO of CipherCloud, an enterprise cloud security company

Related: 7 Cybersecurity Layers Every Entrepreneur Needs to Understand

People are a liability.

People remain the biggest security risk to any sized organization, including SMBs. As threats become more sophisticated, even careful employees may find themselves victims of phishing or accidentally opening attachments with viruses. The best defense is ensuring that staff get consistent education to keep security at the top of mind. Security training for all employees really should start on day one.

The other large issue I see is organizations maintaining a legacy security posture, or original security plan. It's not enough to configure the firewall and walk away. Every organization should consider bringing in a third party to get a vulnerability assessment. Even if you have a dedicated security team, a second set of eyeballs will help identify risks and start working towards remediation.

-- Cortney Thompson, Chief Technology Officer of Green House Data, an environmentally conscious data center service

Imbalance in security.

The fastest growing threat are sophisticated phishing attacks, which, when not identified and stopped promptly, can lead to a loss of business.

Business needs to be smart about balancing in-house security resources and building a strong team, while also leveraging third-party security services. There are a number of third-party security services, many of them are SaaS based, that don't require investments in hardware and are generally easier to deploy.

Related: Why Small-Business Entrepreneurs Should Care About Cybersecurity

Perhaps the most important thing is to treat security threats seriously and to proactively assess your security measures. Many companies don't take security seriously enough until something bad happens. It is generally a lot more expensive to clean up after a security breach, than addressing it proactively.

-- Arne Josefsberg, Chief Information Officer of GoDaddy, an Internet domain registrar and web hosting company

Andrea Huspeni

Founder of This Dog's Life

Andrea Huspeni is the former special projects director at Entrepreneur.com and the founder of This Dog's Life.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Leadership

Visionaries or Vague Promises? Why Companies Fail Without Leaders Who See Beyond the Bottom Line

Visionary leaders turn bold ideas into lasting impact by building resilience, clarity and future-ready teams.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Green Entrepreneur®

How Global Business Leaders Can Build a Sustainable Supply Chain

Businesses can build sustainable supply chains by leveraging technology to reduce environmental impact, optimize resources and track emissions while balancing operational efficiency and sustainability goals.

Productivity

6 Habits That Help Successful People Maximize Their Time

There aren't enough hours in the day, but these tips will make them feel slightly more productive.

Science & Technology

Why Businesses Are Relying on Automation to Survive the Labor Crisis

Robots are revolutionizing industries by addressing labor shortages and enhancing efficiency, while businesses navigate challenges like workforce adaptation and high implementation costs.