Cyberattacks are a bigger problem than most entrepreneurs realize, especially those who are new to the world of owning and running a business. Last year, 61 percent of all cybersecurity breaches hit small businesses, and the average cyberattack cost businesses between $84,000 and $148,000. On top of that, roughly 60 percent of small businesses hit by a breach go out of business within six months of the breach.
If that’s surprising, you should also know that 90 percent of small businesses have no measures in place to protect company data and customer information. And since the majority of cyberattacks are opportunistic, a handful of simple measures may be enough to protect you from cyberthreats.
Why Cybercrime Is Becoming More Important
So why is cybercrime becoming more prevalent, and more targeted at small businesses?
1. The sweet spot
Small businesses are a “sweet spot” for hackers. Low-profile targets like individuals are too much of a gamble; they aren’t very valuable, and therefore are too risky to go after. Large corporations often invest heavily in cybersecurity, making them too difficult to go after. But small businesses tend to be reasonably valuable, with little to no protection.
2. Hackable devices
Hackers also have access to more devices and entry points than ever before. Chances are, most of your employees have one or more portable devices they use both in the office and at home, you have a Wi-Fi network that could be exploited, and you use multiple online platforms that are accessed by your employees daily. Even simple electronic machines, like your garage door, can be hacked.
Hackers aren’t usually technological masterminds; they’re opportunists. They look for opportunities to exploit, such as weak passwords, gullible employees, or poorly maintained databases, and get to work. Unfortunately, small businesses tend to be ripe with these open-door opportunities.
4. Hacker safe havens
We also have to consider the abundance of safe havens for hackers; countries like Russia and China offer protection toward cybercriminals, and don’t have many laws or regulations that prevent them from going after United States-based companies. This makes it easier for hackers to continue getting away with their crimes.
What New Entrepreneurs Can Do
So what can new entrepreneurs do to protect their businesses?
Many entrepreneurs are worried about the costs of a cybersecurity program, but you don’t have to spend much to protect yourself:
1. Choose the right cloud platforms
First, be choosy with the online platforms you use for your business. Every company will have different security standards, and different protective measures in place, so you’ll want to select one that can keep your data secure.
2. Invest in a VPN
It’s also a good idea to invest in a virtual private network (VPN). A solid VPN will encrypt your web traffic, keeping your devices and networks safe whenever your employees use them—even if you’re relying on a public Wi-Fi network. It won’t protect you from every threat, but it will serve as an added layer of security to increase your chances of success.
3. Secure your Wi-Fi network
Your Wi-Fi network is a point of vulnerability; if a hacker gains access to it, they could hypothetically access all your incoming and outgoing traffic. Make sure you keep your network secure with a strong password and top-notch security protocols.
4. Educate your employees
Unfortunately, your biggest point of vulnerability will probably be your employees. All it takes is one weak password, or one person falling for a phishing scheme to compromise your entire network. Make sure your employees understand the most common ways your company could be hacked, and equip them with the knowledge of best practices necessary to avoid them. It’s a good idea to host regular updates and workshops so your team stays up-to-date.
5. Employ a BYOD policy carefully
If you decide to offer a bring-your-own-device (BYOD) policy, make sure you evaluate it carefully, and employ strict rules to prevent your devices from falling into the wrong hands. If you aren’t sure what you’re doing here, it’s better if you only allow company devices on company networks, and forgo the possibilities of an external source of corruption.
These steps won’t stop someone who’s committed to hacking your business, but they will thwart the majority of opportunistic attacks. Remember, hackers want to find opportunities that are easy, so the harder you make it for them to get past your security barriers, the better-protected you’re going to be.