On September 16, Amnet Founder and CEO Trevor Dierdorff shared guidance for protecting area businesses from cyberattacks at the Peak Executive Forum. Sponsored by Six & Geving Insurance and Amnet, the hybrid in-person and online event featured some of the city’s top experts on cybersecurity.
The most important take away from this event was that small businesses can avoid hackers as long as they’re proactive about their cybersecurity. In 2019, Verizon found that 43% of breach victims were small businesses. That’s a terrifying prospect for an organization with lax network security, which relies on untrained staff and outdated technology to safeguard their sensitive data.
Frequently Asked Questions from the Peak Executive Forum
Many small businesses make the mistake of opting for a one-size-fits-all approach to IT, using an in-house department and giving them responsibility for everything from day-to-day IT requests to the complex cybersecurity tools and plan that keep the business safe. That’s a lot of responsibility for one person, or even one team.
To get you started thinking about your own cybersecurity strategies, we’ll answer some of the questions that were asked at the Peak Executive Forum by business owners just like you.
What threats should I worry about?
Unfortunately, there are many cybersecurity threats that should concern small businesses. These organizations remain a popular target for hackers because they don’t have the time or the resources to protect their business. This makes them an easy target for ransomware attacks, where hackers seek a cash ransom by holding data hostage or by threatening to release it to the public.
Additionally, many businesses that transitioned to remote work in early 2020 inadvertently opened up vulnerabilities that never existed before. Whether your business has 1 staff member or 100, a single exploited vulnerability could easily cause immense financial or reputational damage.
How does COVID-19 affect cybersecurity?
The change to remote work due to COVID-19 affected more than just productivity. It marked a huge change in most businesses’ security footprint, with many workers securing remote access to their work desktop so they could access work materials on their home network. This is a huge vulnerability that many hackers have taken advantage of.
Without a layered cybersecurity approach, small businesses, schools and other public-facing organizations that use unsecured programs for remote work, email communication or remote learning are putting themselves at risk.
If my data is in the cloud, am I OK?
Many businesses have transitioned their data into the cloud, intending to improve cybersecurity since their data isn’t stored in one central location. While that is an improvement on an insecure server, it’s important to remember that it only takes one insecure computer to give a hacker access to the entire cloud service. Two-factor authentication is key to ensuring your cloud remains secure.
Does the set-it-and-forget-it mentality still work?
Today’s changing landscape of cybersecurity requires organizations to be active and involved in making decisions based on information that’s constantly changing. There’s no way that organizations can set up a firewall and walk away. Changing and evolving threat vectors mean that cybersecurity needs to be an ongoing conversation, not just a once-in-a-blue-moon check-in with your IT provider.
What does zero trust mean for my business?
A zero trust approach means only giving access to information, files or accounts when it’s absolutely necessary. Defaulting to global access can cause massive problems if any one person’s account becomes compromised. If you go zero trust, a cybersecurity awareness training session can help your employees understand that it’s not because you’ve lost trust in them – it’s simply a safer way to approach the organization’s network and email security.
What about the Dark Web?
The Dark Web isn’t just a place for hackers and cyber terrorists. It’s where your data will end up if it’s removed from your safekeeping. That’s why it’s so important for your employees to use a unique password for every login. To encourage them to use complex, secure passwords, invest in a password manager like LastPass.
What should we be doing?
A proactive cybersecurity plan is the best way to protect your business from attacks and to ensure that you’re safeguarding sensitive information and data from your clients and customers. The most proactive cybersecurity plans include mobile device management, enhanced email security, cybersecurity awareness training for all employees and responsible data access.
If a breach does occur, cyber insurance can help you repay some of the bills associated with cleaning up the mess, but it can’t fix reputational damage.
How Amnet Can Help Improve Your Cybersecurity
Knowing you need to be more proactive is just the first step. Developing a plan for improving cybersecurity might seem intimidating, but with a professional IT partner by your side, you can make sure your cybersecurity strategies are proactive, responsible and tailored to your needs. That starts with getting the right guidance from a trusted IT company like Amnet.
We offer IT security solutions that are customized for the needs of your business, leveraging 5 layers of security to keep your business safe from online threats like ransomware and hacker intrusions. Sign up today to get started with a free cyber gap analysis. It’s the first step in a proactive plan that protects your business and leaves you free to focus on your bottom line.