You, the CEO of a small business, are under attack. Right now, extremely dangerous and well-funded cybercrime rings in China, Russia and the Ukraine are using sophisticated software systems to hack into thousands of small businesses like yours to steal credit cards and client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack American businesses. Take the recent WannaCry ransomware attack that made the news – and that’s just one of many examples that are happening on a scary, frequent basis.
Don’t think you’re in danger because you’re “small” and not a big target like a J.P. Morgan or Home Depot? Think again. 82,000 NEW malware threats are being released every single day and HALF of the cyber-attacks occurring are aimed at small businesses; you just don’t hear about it because it’s kept quiet for fear of attracting bad PR, lawsuits, data-breach fines and out of sheer embarrassment.
In fact, the National Cyber Security Alliance reports that one in five small businesses have been victims of cybercrime in the last year – and that number is growing rapidly as more businesses utilize cloud computing and mobile devices, and store more information online. Quite simply, most small businesses are low-hanging fruit to hackers due to their lack of adequate security systems – which is what prompted this urgent post to all of you.
There are a few simple things you need to be doing on a consistent basis to avoid being the next statistic. They are:
1. Use a strong password. I know, simple, right? But so many people are still using easy-to-guess passwords like “password” or other words or phrases. Guess what: hackers have sophisticated software programs that can try to log in to your PC, account, web site, etc., at the rate of 8 million login attempts per SECOND. If your password is easy, they’re in. Your password should contain at least 8 characters, uppercase and lowercase letters, a number and a symbol (! or #, for example). 2. Install a “unified threat management” (UTM) system. Firewalls and antivirus aren’t enough to stop the sophisticated tools hackers now have. A UTM allows an IT administrator to monitor and manage a wide variety of security-related applications and devices to make sure you’re protected on all fronts. 3. Educate your employees! Employees clicking on phishing e-mails or downloading virus-laden files is still the #1 way hackers gain access to and control of business networks. Therefore, you need to outline an Acceptable Use Policy (AUP) that details what employees can and cannot do with company-owned devices, files, software, etc. Plus, you need to make them aware of how to spot a phishing e-mail or attack so they can avoid it altogether.