This is a guest post from Cherie Mclaughlin. Opinions expressed by Engineering our Future contributors are their own.
Photo by Dan Nelson from Pexels
As an aspiring entrepreneur, you’ll need to take certain precautions as you get your dream business up and running. When you’re ready to plunge into business ownership, you’ll need to follow certain protocols when you form an LLC, set up a separate business banking account, hire trusted team members to carry your business from infancy forward, and last but not least: protect your livelihood from a cyberattack.
It’s important to understand that small businesses are huge businesses for cybercriminals. Around 28 percent of all data breaches involve small businesses, and after experiencing an attack, Cybercrime Magazine notes that 60 percent of these companies will shut their doors for good. You need to be prepared for an attack because it’s not a matter of if it will happen — it’s a matter of when.
How can you set up a good cybersecurity strategy with few resources that will keep your data safe from attackers? Engineering our Future takes a look at a few truths you need to remember about security:
1. Small-business owners tend to underestimate the certainty of an attack
It’s easy to say “oh, that’ll never happen to me.” But with 60 percent of small businesses closing their doors after a cyberattack, you can’t be too safe. However, according to Security Intelligence, it seems that most small-business owners don’t view a cyberattack as the imminent threat that it actually is.
Don’t allow this kind of hubris to destroy your business. The first step to recovery is acceptance — and while this maxim is usually levied by psychologists, it fits in cybersecurity too. Accept that your data is in danger, and then do something about it.
2. Humans are exploitable
It’s a common adage in the cybersecurity world that humans are the weakest link in any network. There’s a reason phishing scams and targeted social engineering attacks are so common: It’s because they work. Picking on the unwary and too-trusting users is second nature to malicious actors.
Education is the best weapon against cybercrime. Make sure employees know what a phishing email looks like, and do regular online training so they know what not to click on when surfing the web. Keeping your network safe is worth the extra time spent on education.
3. Passwords will be compromised
Even during the COVID-19 pandemic, malicious entities were working hard to exploit unsuspecting internet users’ data. In June 2021, an anonymous hacker posted a compilation file of 8.4 billion passwords online — some of which were probably yours.
What can business owners do about password security? If you have employees, educate them now about the importance of setting secure passwords and stress that they should use some form of password manager, many of which are free.
4. Disaster recovery plans are a must
Do you have a disaster recovery (DR) strategy? In the event that your business is targeted in a cyberattack, you need to have a plan in place for both combating the attack and recovering your data afterward.
One of the biggest parts of a successful DR plan is to test it regularly to verify that it is indeed working (this is called “penetration testing” or “ethical hacking” by industry experts). You’ll also need layers of infrastructure protection and the ability to see all your data in a single interface, which makes the implementation of your DR plan much more streamlined in case of an emergency.
At the end of the day…
Your data is safer when you’re more vigilant. Keeping your DR plan up to date, educating yourself and your employees, and investing in cybersecurity tools like password managers are all great ways to keep criminals out of your systems.
Engineering our Future provides you with meaningful and educational conversations with some of the best and brightest engineers and professionals around the world so you can stay ahead of the curve in your career. Reach out to us today!