8 Important Cybersecurity Questions for Small Businesses to Ask
By TJ Lundeen / email@example.com
Small businesses are the target of cyber attacks.
In terms of preparation, this may be news for some business owners.
In 2019, 58% of cyber attack victims were businesses with fewer than 250 employees or small businesses. Often, small businesses find themselves broiled in cyber attacks because of a “too small” mentality. Many business owners think they are too small to fall victim to a data breach and have budgets that are too small to combat the problem.
As data breaches and hacks have advanced, so has the need for proper security measures to protect business data.
Do your employees help or hurt your security?
- The problem: Human error accounts for 25% of data breaches and represents one of the largest weaknesses in security for most businesses.
- The solution: Regular training to recognize ransomware, phishing, and general security protocols are critical in the “all hands on deck” approach to security employed by small businesses.
How are your accounts secured?
- The problem: Poor passwords create one of the largest vulnerabilities for businesses, as more than 70% of passwords are recycled from other accounts.
- The solution: Implementing multi-factor authentication protects accounts by requiring more than just login credentials. Using a text message, tokens, or biometrics adds an additional layer of security to accounts.
Are you protecting your endpoints?
- The Problem: There were 10.5 billion malware attacks in 2018; antivirus software detects over 350,000 pieces of malware daily.
- The Solution: Antivirus software has been around for a long time but is still effective. While no antivirus software is 100% effective, having a platform in place can help detect and prevent malicious attacks.
Is your data backed up?
- The Problem: Ransomware attacks lock your data and demand money, with companies paying an average of $84,116 to recover data in Q4 2019.
- The Solution: Backing up your data from devices and the cloud locally and to an off-site server will protect your business from potential ransomware and system crashes.
Have you limited access to sensitive data?
- The Problem: More than 80% of organizations do not have a plan for privileged access management, leading to double to breaches.
- The Solution: Ensuring the data that runs your business is not open to all employees by using identity and access management technologies will mitigate risk when a data breach occurs.
Critical business data should not be accessible to all employees.
How is your network monitored?
- The Problem: 68% of data breaches take months, not days, to uncover for businesses, creating a larger impact and more expensive recovery.
- The Solution: Network monitoring tracks the entire IT infrastructure of an organization, providing an early warning system of potential threats.
What is your data recovery plan?
- The Problem: More than 60% of companies have experienced some form of data breach over the past two years, making it a when not if scenario for most businesses.
- The Solution: Creating an incident response plan organizes your employees to help recover from a breach and return to normal working conditions.
What are your vulnerabilities?
- The Problem: One in every three data breaches is the result of a vulnerability that should have been patched.
- The Solution: A vulnerability assessment can provide your organization with the knowledge of how a hacker would gain access to your network, giving you a head start to shoring up issues before they are exploited.