As Cybersecurity Awareness Month and Small Business Month wrapped up last week, it is timely to encourage small- and medium-sized business owners to keep vigilant with cybersecurity measures.
The Canadian Federation of Independent Business reported earlier this year that nearly a quarter of its 3,000 members had experienced cyber-attacks since March 2020. Further, it’s research showed that 80 percent of cyberattacks came through email scams and phishing attempts, and 50 percent encountered malicious software.
“Relative to the entire economy, this means about 61,000 small- and mid-sized businesses were victims of cyber fraud last year,” commented Jo-Ann Smith, Chief Information Security Officer at Long View Systems.
“SMBs, like all businesses, regularly face the threat of cyberattacks,” said Smith. “From phishing to ransomware to cryptomining attacks, the threat landscape is continually evolving and growing.”
Preparation is Essential
“Preparing for a cyberattack can be a bit like trying to hit a moving target, however there are a number of simple things that SMBs can do to help mitigate against cyber threats,” explained Smith.
“Beginning with a security audit, small businesses can identify gaps in their technical controls.”
“It’s also important to ensure all employees understand the organization’s cybersecurity principles and policies such as password protection and identifying potential phishing emails,” stated Smith.
“Finally, it’s important to have an ongoing security plan in place for all likely scenarios and for ongoing security program maturity.”
Smith shared her five top tips that small businesses can use to stave off a cyberattack:
- Conduct a security audit. Not only can conducting a security audit help you understand the current landscape, but it can also help to improve your resilience in the case of a cyberattack.
- Train employees in cyber security principles. Employees are the first line of defence in protecting against cybersecurity threats. Lessons in password protection or how to recognize a scam can help to ensure that your team is well equipped to prepare for a cyberattack.
- Stay on top of software updates. Your security software is only as good as your update schedule. As new vulnerabilities and security patches are updated all the time, make sure that you’re on top of installing any updates as they become available.
- Keep your data backed up. No data is off-limits to a bad actor or hacker. This means that in the event of a cyberattack or security breach, your small business could lose it all. No matter how you choose to, from cloud solutions to physical storage, be sure that your data is always backed up.
- Be prepared. A cyberattack can happen to anyone, anywhere, and at any time. Spend some time preparing for the worst, securing your network, training your employees, and planning for any likely scenario now before it’s too late.
“The best offence is a good defense,” summed up Smith.
“In addition to finding any potential weaknesses in your security posture and ensuring that your employees are well-versed in the basics, it is key to continue to evolve your own security controls.”
“Staying on top of regular end point updates and ensuring all data is securely backed up will help protect your organization and its critical data from bad actors,” stressed Smith. “The use of VPN network options, combined with end point security controls, will help to keep personal and work data security.”
More on Cybersecurity