If you don’t think hacking and other cyber-threats pose a huge risk for small businesses, think about this: a polarized Congress seemingly unable to agree on anything actually passed a bipartisan bill about it. As reported in The Hill, the Senate approved legislation in late September which would require the federal government to offer more tools to small businesses to guard their networks from cyber-attacks.
It’s not hard to understand why. Over 50% of U.S. small businesses experienced a cyber-attack in the last 12 months according to a 2017 study. Additionally, according to UPS Capital:
- A single cyber-attack on a small business may costs that business between $84,000 and $148,000.
- 60% of small businesses go out of business within six months of an attack.
- 90% of small business don’t use any data protection at all for sensitive internal, financial, and customer information.
Is your startup among the 90% who doesn’t protect their data?
If your start-up or small business falls in that 90% that doesn’t have a robust data protection strategy, you are putting your company at risk of catastrophe. Given the relentless nature of cyber-attacks, the lack of a cyber-security program is business malpractice. It’s as if you just left boxes of tax and financial records sitting outside your front door with a big sign saying, “Take Me.”
Takes these five steps to start protecting your business against cyber security threats
The time to act to protect your company’s data is right now. While there are plenty of companies that help small businesses develop and implement comprehensive cyber-security strategies – one great Chicago firm, Middleground Technologies, here are five things you can do immediately to start building your defenses against cyber-threats:
- Understand the potential cyber threats to your business and industry.
It’s hard to protect yourself from an enemy you don’t know and tactics you don’t understand. Educate yourself as to what threats your company faces and how they work. The Small Business Administration offers a free, 30-minute, self-paced training exercise which provides an introduction to cyberattacks on small businesses. You can assess your vulnerability, understand how cyberattacks work, and learn best practices you can adopt to protect your information. - Install cybersecurity software
It may seem to go without saying, but you must have cyber-security software installed on all of your computers and any mobile devices used by employees to access company email or systems. Make sure you have the most up-to-date versions of the latest security software, firewalls, web browser, and operating system as those offer the best defense against viruses, malware, and other threats. - Develop a cybersecurity program.
Your company should have a set of clearly defined – and strictly enforced – best practices for how to protect against cyber-attacks as well as actions to take in the event a data breach occurs. These policies should include robust password protocols, such as two-factor authentication, limitations on access to company systems, and a communications plan for dealing with breaches. The Federal Communications Commission has a wonderful free tool – Small Biz Cyber Planner 2.0 – that helps you develop a customized security plan for your small business. - Train employees how to keep your data safe.
Make sure your staff understands your company policies as to cybersecurity, the procedures they need to take to protect your company’s data and respond to a breach, and how to recognize the signs of “phishing” or other hacking tactics. - Back everything up.
Create offline backups of important financial, tax, and customer files. If your computer is compromised, you’ll still have access to your files. It’s a safe bet that those 60% of small businesses that went belly-up within six-month of an attack didn’t have access to their crucial data after that attack.
If you have any questions about keeping your tax and financial data secure or are seeking any other assistance with your start-up’s financial well-being, please contact us. We welcome the opportunity to assist you.