Small and midsized businesses (SMBs) deal with myriad
challenges in keeping their companies afloat and thriving. Production,
distribution, marketing, labor, research and development, customer service—these
are just a few areas that keep SMB owners and managers busy. Amid these
important everyday responsibilities, cybersecurity sometimes gets lost in the
to a 2017 survey by Manta, 87 percent of small businesses interviewed do
not think they are at risk of a data breach.
Unfortunately, companies of all sizes are not that
safe from cyberattacks. SMB
security threats are plentiful, and they can be more damaging to your
organization than you can imagine. If the aforementioned production,
distribution, marketing, labor, research and development, and customer service
are tied into your computer system, one precise cyberattack can take down
everything. Larger companies are bruised by such attacks but usually are able
to withstand the breach. However, SMBs might never recover from a devastating
cyberattack—the margin of error is simply too slim to have their systems down
for a few days.
One of the first and best defenses a SMBs can take is
knowing what threats are out there and what measures they can take to counter
those threats. Many organizations choose to partner with a
third-party expert to bolster their cybersecurity; others attempt to set up
their own measures to protect their systems. Either way, here are four SMB
security threats that businesses in Southern California should be aware of:
Ransomware is fast becoming the most serious threat
facing today’s SMBs. Simply put, ransomware is a virus that infects a system
and encrypts data for the hacker, who essentially holds your system hostage
until you pay a “ransom” to get it back under your control. Protecting against
ransomware requires two strategies: robust backup systems so you can ditch the
infected data and start anew with minimal disruption, and preventing the
ransomware from ending up in your systems in the first place. The alternative
is paying the ransom or permanently losing access to data—and neither option is
palatable for SMBs already under tight budgets.
Phishing relies upon email to trick users into opening
unsafe attachments or providing personal and/or sensitive information (such as
account logins and passwords). You would think by 2018, everyone would know not
to open suspicious emails, but it still happens, in no small measure to
phishing attacks becoming increasingly sophisticated (e.g., a fake subject line
of “There was a problem with your Amazon order” along with a deceptively
convincing email message) and simple human nature (who doesn’t want their Amazon
order to arrive on time?). Strong spam filters and firewalls, as well as better
education, can counter phishing attacks and deny the system access that the bad
guys are working hard to get from your unsuspecting employees.
Once upon a time, really not that long ago, cybersecurity
was keeping just servers and computers safe. Laptops gradually changed this,
but when smartphones and tablets exploded for business use, a whole new
cybersecurity focus emerged. If anything, this focus is still emerging, with many SMBs not understanding or addressing the
threats they face with mobile devices. For example, a work computer might
require a login to turn on the machine, then a password to access the system,
and other safeguards to get to email, chat, and so on. Users rarely set up all
those hoops on their smartphones—one lost or stolen device can give the
finder/thief unfettered access to your company.
Unless you are a tech SMB, most of your employees do
not possess any sort of advanced IT knowledge. This isn’t their fault,
necessarily, but it does inherently increase risk of a data breach. As already
stated, employees might unwittingly open an email they shouldn’t open or leave
their smartphone behind at the coffee shop. Or, they use weak passwords and
fail to follow best practices with their system usage. Or, they start fiddling
with servers and system controls and inadvertently weaken the company’s
cybersecurity. Whatever the cause, human error is a significant security threat
2015 survey attributed 37 percent of data breaches to people just being people.
technology services partner can reduce much of this risk and educate your employees
on best practices so that they aren’t accidentally contributing to the struggle
you might face against hackers.
What security threats has your SMB dealt with?