CNBC reported that “Cyberattacks now cost small companies $200,000 on average, putting many out of business”

They stated:

  • Forty-three percent of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves, according to Accenture.
  • These incidents now cost small businesses $200,000 on average, reveals insurance carrier Hiscox, with 60% of them going out of business within six months of being victimized.
  • More than half of all small businesses suffered a breach within the last year.
  • Today it’s critical for small businesses to adopt strategies for fighting cyberthreats.

With these risks in mind, Solve Ltd. realized that small businesses need to know exactly what to do to minimize the impact cyberattacks can have on their business. Go through this checklist with your team to ensure that you have the primary bases covered:

  1. You need a firewall that is separate from your internet provider. The firewall needs to be controlled by you and your professional IT provider with secure passwords. When you rely on your internet connectivity device like a modem to protect your network, you are an easy target. In many cases, hackers can easily identify your edge connectivity device from your IP address, leaving you and your data vulnerable. A firewall that is not consistently patched based on new threats puts your business in jeopardy. In addition, make sure that your firewall rules need to be created by a professional so you can manage the traffic entering and leaving your network.
  2. Acceptable Use Policy (AUP) is essential and accessible to your entire organization. You can’t expect your staff to follow the rules if they don’t know what they are.
  3. Training and testing. The CNBC report highlighted that it is often the staff that puts the organization at risk, not just the lack of technology. This is an easy fix but has to become part of the organization's culture. Training is not just a one-time event, threats change and people forget. Be sure to include online video learning and simulated phishing attacks to ensure that your staff is absorbing and implementing what they learn.
  4. EndPoint/Server management needs to be more than a system that patches machines and updates virus scans. Your plan needs to include manual checks to ensure that the fixes were completed.
  5. Your data backup process should include, at a minimum, a local disk backup system that can be spun up to replace a down server as well as a cloud backup that can function in the same manner. If there is a local disaster or theft, your local backup is breached and your data unretrievable. Having the cloud backup in near realtime is the easiest and fastest way to be back in business.

If you don’t have these five areas covered, expect that an attack on your business will be successful. It is not a matter of if, but when.

Questions about how to protect your data better? Let’s chat. Whether or not we decide to work together, I would be happy to share insights on where you and your company may be at risk for a cybersecurity attack or loss of data. To make scheduling easier, here is a link to my calendar https://calendly.com/rick_rudolph/15min, please pick a time that works best for you.

rrudolph@solveltd.com | 703.879.2070

Copyright © 1994-2019 Solve, Ltd – All rights reserved.