Why Small Businesses Neglect CybersecurityPosted on January 8th, 2018
Small businesses already have enough to think about: limited cash flow, tight resources, and staff going beyond job descriptions to accomplish more things. Because of these, small business owners typically don’t put a lot of energy in cybersecurity, even though they invest in technology like software, websites, and other applications.
However, because 43% of cyber attacks target small business and 60% of them go out of business within six months of an attack, it’s important for small businesses to start thinking more about cybersecurity.
Why do small businesses neglect cybersecurity?
More often than not, it’s not that small businesses don’t care about cybersecurity; it’s that there needs to be a better understanding of the threat that goes with it. Small businesses don’t identify risks until they’ve experienced some loss from a particular problem.
Take inventory, for example. If a small business runs out of stocks, the entire business is disrupted: customers are upset, losses emerge, and reputational damage occurs. Now, the business has learned that it cannot run out of inventory; else, business success is negatively impacted.
With cybersecurity, management and the employees have probably not yet had a cyber attack directly impact their operations. However, security experts say that for any small business, it’s no longer a matter of if they will get hacked, but a matter of when.
How small businesses improve cybersecurity
Now, even though a small business may care for cybersecurity, budget and staffing issues may prevent them from taking action towards it. However, there are a few low-cost but effective steps that any small business can take to increase their security posture against cyber attack risks.
- Security Awareness Training. Because majority of threats arrive through email phishing sent to company mailboxes, it’s important to train employees to identify and defend against phishing, ransomware, removable media and malicious websites is a necessary component in a business’ digital security strategy.
- Password Manager. While strong passwords are important, they’re also often easy to forget. Small businesses should invest in a password management application to protect business-related accounts such as emails, administration pages, bank accounts, etc.
- Regular RIsk Discussions. Hold monthly meetings to discuss cyber risks, and more importantly, how to deal with them when they do occur. Think about backups, computer equipment being stolen, getting hit with ransomware, and other potential threats.