It’s been nearly 15 years since the term “data breach” entered the popular lexicon. Since 2005 there have been more than 10,800 data breaches that exposed more than 1.6B records in the US. And, we’re still counting. Today, more than half of the breaches that are reported to government officials are the result of cyberattacks.
Hardly a day goes by without some mention in the media of a cyberattack against a household-name company, a school or hospital, as well as city and state governments. Those headlines tend to focus only on the big names, which has the effect of masking the scope of the problem. Small and medium businesses face the same risks as Fortune 500 companies but without the same resources.
The BBB National Programs’ >Better Series recently focused on how Small and Medium Businesses (SMBs) can address cyber threats with Lisa Schifferle from the Federal Trade Commission. She outlined a number of ways an SMB can be vulnerable to attack – but are also easily addressed.
“It can be something as simple as a weak password like ‘password 123’ or administrative password set as ‘admin.’ It can be something like unpatched software or forgetting to update software or an employee leaving their laptop in a car that is stolen,” according to Shifferle. “Attacks can be more complex like a remote access computer without the right protections or a scam.”
Phishing is another primary source of SMB cyberattacks that Shifferle says can be easily addressed, starting with the right company culture. “It’s important to create a culture of security, where everyone feels comfortable they can talk to someone if they get a phishing email. If one employee gets an email and thinks it’s phishing and tells other people, then they know not to click on the link.”
Shifferle also recommends creating an easy way for employees to identify and share phishing attempts. She also advised that SMBs who are the victims of ransomware – another popular cyberattack – should not pay the ransom since “you might pay, but still not get your data back.”
If you want to learn more about the FTC can help you improve your cybersecurity, listen to the >Better Series episode “Cybersecurity for Small Businesses” with the FTC’s Lisa Shifferle. You can listen to all of the BBB National Programs’ Podcasts at the >Better Series website, on the Apple Podcast app, or your favorite streaming platform.