While most of the news focuses on huge corporations with lots of personal records impacting thousands of people, small businesses are at risk, too. For 2018, Kaspersky Lab reported the following findings:
Hackers and phishing scams can cost businesses large and small hundreds of thousands of dollars, hours of time and plenty of stress. The average cost of experiencing a data breach globally is on the rise – with breaches now amounting to $1.23M on average for enterprises (up 24% from $992K in 2017) and $120K on average for SMBs (up 36% from $88K in 2017).Think about all the customer records, credit card information, vendor data and other records you have on your servers. Do the math; it's worth your time to consider your risks and create a plan to prevent a breach at your business.
Because big businesses have more to lose, they're also at the forefront of protection efforts. Smaller businesses can learn lessons from the efforts of the larger corporations and scale their protection to work for their smaller organizations. Let's take a look at what's worth learning from big businesses.
When you're first working to grow your small business, it's common to intermingle your personal funds with your business funds. Unless you have investors, it might all come from the same source — you — in the end. However, it's wise to create a business account that's completely separate from your personal account. Not only can this help with taxes, but two accounts mean that if someone hacks your personal account, your business stays secure (and vice versa).
Most companies protect their structured data, which describes data that are highly organized — perhaps in a database or other set of files. But big businesses also protect unstructured data, which can include things like data or information stored in an employee's email inbox. Inboxes are weak points when it comes to cyberattacks, and they can easily allow hackers to access valuable unstructured data. A comprehensive approach to protecting all types of data is essential for businesses of any size. This strategy can include using security software in addition to training employees on best practices for keeping data in the right hands.
Small business employees often work more than one kind of job, which stretches their responsibilities and, in turn, increases risk. The troubling reality about cyberbreaches is that many occur when employees — not unknown hackers — steal information. If you limit the amount of information your employees have access to, you limit your risk of a breach. Restrictive data permission protocol doesn't mean you don't trust your employees; it means you're a smart small business owner.
If there's anything you can learn from large corporations' cybersecurity, it's to not procrastinate. Big companies almost always work with cybersecurity specialists who can educate you about best practices and ways to enhance protective efforts to reduce breach risks. It's not as expensive as you may think; consider it an insurance policy that can save you money in the long run.
If you're interested in discovering how your small business can prevent, predict, detect and respond to breaches like big businesses do, check out Kaspersky Lab’s solutions for small businesses.
Related Articles and Links:
What is Advanced Persistent Threat, Signs of APT
Kaspersky Endpoint Security for Business