Professional liability insurer Beazley announced in its Beazley Breach Insights—July 2016, that small businesses, especially in the financial industry, are experiencing a sharp rise in data breaches during Q1 2016. Notably, among financial institutions, hacking and malware attacks accounted for 43% of all data breaches handled by Beazley. That is compared to 27% in the same quarter last year.
This data goes to reinforce the fact that no business is too small to get hacked. All size businesses in all industries need to have cybersecurity in place and have a plan to respond when a breach occurs. SMBs that typically have fewer defenses against these breaches are becoming attractive targets for hackers.
Here are a few steps SMBs can take to strengthen their cybersecurity program
- Prioritize your business objectives and set your risk tolerance: Striking a balance between protecting data assets and budget constraints is a constant challenge for SMBs. The truth is, there’s no such thing as 100-percent secure. That means you need to make hard decisions about the different levels of protection required for your business.
- Develop a proactive security plan: Awareness is essential to security planning. Understanding the threat landscape, and actively working to protect your organization against those threats, requires both technology and policy. Having a better understanding of what threats your business faces will help you determine where to invest your cybersecurity dollars.
- Prepare your response to the inevitable, a sophisticated attack: With the constant evolution of advanced persistent threats—anda growing presence of hackers intent on finding a vulnerability—it’s fairly certain that your organization may eventually fall victim to a data breach. Having a coordinated and tested incident response plan is critical at a time like this, as is access to the right resources and skills. Who will you turn to when you’ve been hacked?
- Promote and support a culture of security awareness: All it takes is one careless employee to put your entire’s business at risk. That’s why every employee must understand the role they play in the security of your business. Security awareness training, phishing testing, these are some of the most cost-effective steps SMBs can take to protect their data and technology networks.
ACE IT Solutions works with SMBs across all industries to help them develop a cybersecurity and risk management program that meets their specific risk profile and budget requirements.