7 key cybersecurity tips for small businesses

Large enterprises typically have the resources to protect their networks against the ever-evolving landscape of cybersecurity threats. But smaller businesses have tighter budgets and fewer resources. Hackers know that, which is one of the main reasons they target small businesses. A cyberattack can have serious consequences, with many small businesses having to shutter for good due to the fallout. These are high stakes. With that in mind, here are seven key security recommendations for small businesses.

1. Educate users: No amount of technology can completely protect your network and data. User training and awareness are crucial to building solid defenses. Industry research shows that workers cause more than half of all cybersecurity incidents, making humans the “weakest link” in IT security. Trained workers, however, shift from liabilities to assets, becoming your first line of defense against cybersecurity threats.

2. Secure endpoints: From stationary workstations to laptops to mobile devices, all endpoints must be secured to help prevent a breach. Many traditional or anti-virus tools block only the malware they recognize, based on signatures that have been written into the AV software. More sophisticated endpoint protection platforms scan and block malware, using a constantly updated threat list, protecting every device on the network.

3. Apply security patches: Left to users, many security patches will be ignored, creating vulnerabilities that hackers know how to exploit. The fast-spreading WannaCry and Petya ransomware attacks first brought ransomware attacks to the top of the news cycle, and attacks have grown since, more than doubling in quantity this year. Many ransomware attacks exploit vulnerabilities that can easily be fixed through proper patch management. Businesses need strict patching policies so users don’t ignore software update prompts. Preferably, businesses would deploy automated patch management, taking users out of the equation.

4. Deploy firewalls: Think of a firewall as a sentry that allows only authorized guests into a building. Firewalls block unauthorized content with controls, such as access denial to IP addresses known to deliver malware. Even if a malware payload is delivered, a firewall can prevent it from communicating with the command and control server from which it would receive instructions to lock out data. This could stave off infection until the malware is detected and removed. Firewalls let you choose which types of content to allow into your network, blocking unauthorized data while still allowing outbound communications.

5. Enforce password policies: Although users tend to resist them, passwords are necessary and should be changed regularly. Require users to use combinations with numbers, special characters and upper and lowercase letters to make passwords harder to crack.

6. Prepare an incident response plan: Prevention is critical to a cybersecurity strategy but you cannot ignore another critical component — incident response. Since no security measure is 100% foolproof, businesses must prepare for the eventuality of a breach. Every business should have an incident response plan (IRP) outlining what steps to take and who is responsible for the response following a breach. Nearly 40% of companies don’t have any sort of incident response plan in place in case of a breach, according to the Ponemon Institute. Without an IRP, it’s hard to minimize the damage of a breach if you’re unclear on what actions to take. Some malware infections spread at lightning speed once a network has been breached, so reaction time is critical. Trying to come up with a response plan after an incident already occurred is too late. And remember, cybersecurity experts warn that for most businesses, a cyberattack isn’t a matter of if, but when.

7. Build a cross-functional security team: Avoiding, preparing for, and responding to security breaches involves more people than those in charge of IT and cybersecurity. Technical staff are usually the first to spring into action following an incident as they seek to identify the problem, assess the damage and start remediation, but the response also includes non-technical aspects. In addition to employees, it may be necessary to notify customers and suppliers about the breach, so there is work to do for management, as well as other functions like marketing, PR, HR and legal. MORE