43% of cyber-attacks target small business.
62 % of businesses experienced phishing and social engineering attacks in 2018
Supply chain attacks are up 78% in 2019
94% of malware was delivered by email
Small business are increasingly being asked by customers to prove that they manage their Information security well and are compliant with all the relevant regulations.
If you’re unable to do it you will find that your bottom line is adversely affected.
Until recently your only options to do this were either bring in a highly paid consultants or dedicate considerable internal resources to the task and then do it all again next year.
There is a lot at stake with two-thirds (66%) of small and medium-sized businesses suffering catastrophic consequences and possibly having to close their doors after a breach. In fact within six months of a cyber attack occurring, 60% of small companies go out of business.
There are things that you can do yourself to improve your information security. Start with these low cost measures and start building your cyber resilience.
Provide IT security training for all your employees as the vast majority of employees would never knowingly harm your business. You can also include your policies and processes into your training program. The Keeper Security/Ponemon Institute’s small and medium size businesses report shows the number of SMBs reporting negligent employees and contractors as the cause of data breaches increased to 60% in 2018 — whereas external threats (hackers) were reported as 37% of the causes.
Have a person in your organisation who administers access to the various systems and information. Access should only be granted to an employee who has a work requirement to see or use the data. Accounts and access should be shut down the minute an employee moves on or changes role and no longer requires access to it to do their job. Password strength should be strong and should be changed every 3-4 months. Lastly passwords should never be shared with colleagues or kept on a post-it note!!!
No matter how perfect their CV is or how well you connected during the interview process never forgo a formal background check.
Ensure you train new staff in how to access your business systems and manage information assets according to your organisations policies.