Get In Touch

How worried should my small business be about hacking?

Expensive risks and cyber dangers abound for SMEs, but the real answer is: It depends.

Most businesses are under threat from cyber dangers such as hacking. And small enterprises are uniquely threatened, in part, because of perception. Even sophisticated cybercriminals frequently target them because they assume that small- to medium-sized enterprises (SMEs) are easy to knock over, even if the rewards aren’t as great.

In reality, anything from a construction outfit to a restaurant could be hacked. As an owner, proprietor, or even team member, this may not be your first time considering these risks, but there are a few things you should know to protect your business.

Protecting your small business from hackers: A few key steps

Here’s a good way to get started if you’re looking to seal up your small business’ defenses from hackers.

Talk to your employees about cybersecurity.

Your team members may only have a vague idea about what cyber threats mean, and if one of them realized a breach happened, they probably wouldn’t have the awareness or tools to react quickly and effectively.

We wouldn’t recommend getting too technical or creating lengthy training courses. Any cyber expert you engage can help you with how to convey:

  • What your team members need to know, based on your organization’s specific risks.
  • How to recognize a potential vulnerability or phishing attempt before it turns into something bigger.
  • The importance of unique passwords and keeping confidential information confidential – in both cases, this needs to be a rule, not a recommendation.
  • Basic terminology, such as malware, spyware, ransomware, phishing, and trojans, so that they – and you – can describe a situation in as exact terms as possible.

Be careful with passwords and credentials.

It’s important to stay several steps ahead, including using a unique password for each account/login and leveraging a password manager. You also need to ensure that you know exactly what vulnerabilities exist for hacking, which will not only vary from industry to industry, but business to business.

Don’t overlook the obvious stuff.

For instance, you’d be surprised how many businesses have unprotected Wi-Fi networks and see no risk in doing so. Even if your small business is a coffee shop, take the extra step of making your password available to customers only – even if it means making people ask for it.

Regularly backup your systems.

Aim for at least weekly. It’s also a good idea to regularly examine the strength of your cloud-based and on-premise systems, and whenever you can, invest in the latest technology available. The recent debacle Southwest Airlines faced highlights the dangers of delaying software upgrades for too long, beyond mere cyber risks.

Encrypt your data.

Discuss with your IT partner how encryption is implemented on all of your on-premise and cloud-based solutions. Advanced Encryption Standard (AES) is a good line of protection against hacking such as Keeper for password management, Actifile for encryption of data at rest, ensuring your Microsoft O365 instance is configured correctly, and a secure file sharing tool like Egnyte. It is critical to have multiple lines of defense.

Bottom line: If you’re unprepared, you’re at risk.

Industry observers suggest that anywhere from a quarter to half of small businesses fall prey to cyber-attacks of some kind. According to an IBM report from 2021, manufacturing companies are the most susceptible to hacks, and about one in four of those attacks come from ransomware. IBM also noted that, on average, cyber-attacks cost businesses as much as $4 million on average. Even more concerning, one study suggested approximately 47% of businesses with 50 employees or less do not have any cybersecurity budget at all – and those are the ones most at risk.

Know your vulnerabilities – and get a risk assessment. As individuals, we take many steps to stay healthy, like trying to eat right and get enough sleep and exercise. Still, it’s important to go to the doctor to get a checkup, because what we don’t know really can hurt us.

As a small business owner, this is particularly true for cyber safety. Even if you think you know where your vulnerabilities are when it comes to being hacked by a bad actor, you’re bound to miss a few things. That’s where a skilled cybersecurity professional or partner can be extremely helpful.

Keep in mind as well that the more you do on the front end, the less you’ll have to spend to either guard against or clean up after a cyber breach. An ounce of prevention is worth a pound of cure in cybersecurity, too.