Many small business owners believe they’re too small to be the targets of cybercriminals. The truth is small businesses aren’t immune to cyber threats. Hackers attack business of all sizes. While there’s a lot for small business owners to consider when it comes to cybersecurity, there are several key points they should.
Kevin Rubin, president and CIO of Stratosphere Networks, discussed what small businesses should keep in mind when protecting against cyberattacks in a recent Facebook Live session with Kelly Stone, senior director of global social media at CompTIA.
Hackers aren’t only going after large enterprises; they’re targeting mom-and-pop shops, too, Rubin said. At one point or another, every business gets hacked and businesses should do what they can to mitigate security vulnerabilities ahead of time, which can be difficult for small businesses.
Compared to large enterprises, small businesses often have less resources available to them, Rubin said. Instead of ranking cybersecurity as a top concern, many small business owners end up pushing the practice down their priority lists. Even if businesses can’t allocate much of their budgets to cybersecurity, they should at least have some policies in place to better protect themselves and their customers.
Keep Applications Updated
Keeping software up to date is a good start for any business looking to protect its IT infrastructure from being compromised. To mitigate system and network vulnerabilities, ensure patches are downloaded whenever they become available, Rubin said.To add another layer of protection to their IT infrastructures, businesses should also purchase security products (firewalls, antivirus software, etc.) to ensure endpoints are protected from the growing number of cyberattacks.
Insurance Protection Against Losses
Small businesses should also consider cybersecurity insurance, Rubin said. Once your policy goes into effect, it can help with mitigating losses resulting from a cyberattack. He also stressed the importance of businesses having a PR response in place for when cyberattack incidents do occur, especially if employees aren’t properly educated on potential threats.
Employee Training
Not all employees are fully aware of the dangerous of clicking links in unsolicited emails. “That’s still a thing, and it always will be a thing,” Rubin said. Changing end-user behavior isn’t easy to do. Even with the right solutions in place, there’s no guarantee you’ll be able to prevent all incoming cyberattacks. In fact, many IT professionals still struggle with identifying and preventing cybersecurity threats.
Not all IT professionals are qualified to handle cybersecurity measures. Cybersecurity is a skillset of its own, Rubin said. Don’t always assume your business is secure if you have an IT person. A company’s internal IT staff may not be fully equipped to monitor cyber threats. Working with an managed security service provider (MSSP) allows a business to build a cybersecurity roadmap with the right solutions at the right prices. An MSSP will also put security top of mind for small business owners.
Security Is a 24x7 Responsibility
Small businesses owners should never forget the following: Security should be a top priority for any business. Even if it consumes a lot of your time, cybersecurity is worth the effort, he said. Your business depends on you being able to protect it from harm.
Many businesses are legally required to have some kind of cybersecurity framework in place. For example, depending on the industry a business is operating in, it may need to comply with federal or state regulations, he said. There’s also another angle to consider when it comes to cybersecurity.
Besides keeping their own networks and systems secure, businesses should look to implement cybersecurity measures to protects their customers, Rubin said. This should be a good enough reason to begin getting serious about cybersecurity.
Is your team ready to respond to a data breach? Download the Data Breach Planning Guide for Tech SMBs from CompTIA’s IT Security Community.
Get involved in the cybersecurity conversation. Join CompTIA’s IT Security Community today.
CJ Arlotta is the managing member of CJ Media Solutions, LLC
For more CompTIA videos, visit our Facebook page.