Think You are Too Small to Get Hacked? Think Again

Too busy to believe your small business is going to get hacked? Big mistake.

In 2015, the rate of electronic theft, fraud, and cyber invasion rocketed. Hacking is now an established criminal enterprise, and the easier the target—the more likely it is to be hacked. The average cost of a single business hack can run from $30,000 to millions of dollars. Can you afford to ignore this issue?

Entrepreneurs with fewer than 100 employees often think themselves too small to attract the interest of cyber criminals. Unfortunately, small business is a prime hacking target for a number of reasons including:

• Small businesses have financial assets worth stealing
• The intellectual property and tech owned and used by a small business makes a good target
• Because they have fewer resources, smaller firms and businesses usually do not have sufficient cyber protection
• Small businesses may provide third party access to the network of a larger, better protected company

A recent article in The New York Times notes that a single hacking incident, or a series of distributed denial of service (DDoS) attacks, can take your business down for good.

DDoS attacks occur when a bad actor aims an autobot network at your website—overwhelming and crashing your server. Your web presence and ecommerce, are dead.

Increasingly, hackers are using chaos as a diversion. While you, or a computer security expert, try to get your website back up, the hacker quietly launches malicious code which can be remotely manipulated later, when you think the crisis has passed.

When people talk about a computer virus, spyware, or adware, they are talking about malware, or malicious programs used to damage systems and steal information. Ransomware is a form of malware, and like the name implies, the software locks up your system until you pay for its release.

The problem is, payment of the ransom may—or may not—end with the happy return of your essential business files. Although hackers have a financial interest in returning your files intact, a small mistake can scramble your files, costing you not only the ransom—but your data as well.

On the cloud, or on your own server, cyber crime is a growth industry and your enterprise will eventually be a target.

Five tips to protect your small business from cyber attack

I am a business growth expert who helps clients make smart moves with their marketing—and automated marketing software. A natural computer geek, I know a few things about protecting digital assets.

As much as you may not want to deal with cyber stuff, take a deep breath and take a look at these tips. Being aware of the vulnerability of your small business is half the battle:

1. Assessment: Unless it is your area of interest, chances are good you are not a cyber security expert, nor do you have one on staff. This is a good place to take advantage of outsourcing. Get referrals, make some calls, and bring someone on board to assess the security of your operation, from point of sale to data archives. Make sure you work with a company familiar with the concerns—and vulnerabilities—of small businesses.

2. Education: With assessment in hand, you might be shocked to realize your vulnerability. There are resources available to deepen your understanding of how to help yourself. The Federal Communications Commission (FCC) and the Small Business Administration (SBA) offer free tips and training to help you get up to speed.

3. Update and test: After you create goals and security parameters for your business, use a qualified security vendor to upgrade your system and your overall approach to online and network security. You may want to engage in penetration testing (called pen-testing) to safely gauge the effectiveness of your security update.

Train your workforce about social engineering techniques like phishing. A click on an attachment, or a safe-looking link, in an email can quickly lead to a serious data breach incident. Make cyber security a common conversation with employees, and update their knowledge frequently on best practices.

4. Consider insurance: Check out cyberinsurance to cover business losses in the event you are hacked. Your costs could include liability to customers who suffer exposure or theft of personal information, the cost of managing the data breach, business interruption and more.

Be aware that rates for cyberinsurance are rising just as fast as the hacking rates. You may find insurers provide expensive coverage for less than the damage you might suffer.

Plus, some insurers and banks are pushing back on claims—litigating incidents where employee mistakes led to the breach. Another good reason for assessment, protection, and pen-testing is that you could get better rates when you try to apply for cyberinsurance.

The profit you see from your small business depends on secure doors and windows to your data, and your service. Don’t skimp on cyber security.

Just like network safety, earning more profit does not happen by accident. When you are ready to move ahead on a new plan for profit this year—I hope you call me at 585-633-7563.

Yours in profit,

Bob Britton