What small-business owners need to know about digital security
By
Whether it’s to manage finances, accept payments or reach new customers, more small-business owners are optimizing their business operations with digital tools — leaving them increasingly vulnerable to digital security breaches and cyber attacks.
Exposure to cyber attacks topped the list of the biggest worries small-business owners face, even surpassing concerns about inflation and other economic issues, according to a 2023 report on cybersecurity released by Hiscox, a business insurance company.
The consequences of these breaches can extend beyond the initial threat, as well. Twenty-five percent of business owners surveyed by Hiscox indicated that cyber attacks had an overall negative impact on their business’s brand or reputation, and 20% said they had trouble attracting new customers as a result.
Here‘s what your business needs to know about the vast and evolving landscape of digital security.
Even the smallest businesses are at risk
While it may seem more lucrative for cyber criminals to go after big corporations and larger firms, the Hiscox report indicates that smaller businesses are increasingly under threat. Cyber attacks on firms with fewer than 10 employees have risen 13% since 2020.
“Hackers don’t care how small your business is or what you do,”
Although cyber attacks can happen to any business, certain industries may be more likely to be targeted — particularly those that access or store a lot of sensitive client or customer data or information.
According to Smith, medical offices may also be a target due to their small staff sizes and access to a lot of personally identifiable client information.
It’s easier to prevent a digital security breach than fix one
Businesses should prioritize proactive measures they can take to prevent an event from happening in the first place. It’s uncommon to find your attacker or recover stolen money or data once it’s gone, according to Smith. Once a cyber attacker has what they want, they are “lost in the wind.”
Studies indicate, however, that 95% of breaches in digital security can be traced to human error, which means they are preventable through internal and employee policies. This starts with policies that promote ongoing system maintenance and security. Smith recommends an initial review to pinpoint your overall vulnerabilities.
“The first thing you want to do is just kind of assess, ‘Where are our open ports? Where are our opportunities for things to go wrong, for people to hack into our system, for employees to lose data?’” she says.
If your employees have company-issued devices, for example, then your employee policy should lay out parameters on how they are to handle those devices, Smith says. That might mean forbidding employees to vacation with their laptops or prohibiting them from taking their computers home entirely.
An employee policy should also dictate who has access to confidential company or client information, which Smith says can help to decrease the chances of a security breach.
Cheap solutions can cost you down the road
Building digital security into your business budget can be expensive, and there’s certainly no one-size-fits-all solution, but failing to invest in proper systems can also be costly. In 2023, the median cost of a cyber attack for businesses with 10 to 49 employees was
A common mistake both Waldman and Smith see small businesses make is relying on free or disreputable antivirus software and failing to update that software regularly. On top of that, Waldman warns against transitioning to cloud email providers without enabling security controls or multi-factor authentication. Email was the single weakest point of entry for cyber attackers, ahead of cloud or corporate servers, according to the Hiscox report.
Investing in cybersecurity insurance can also be an important preemptive measure.
A response plan can determine how quickly you recover
Any actions you take in the event of an actual cyber attack or digital security breach are typically about trying to cover your losses. According to Smith, your business’s response plan should cover some key steps:
1. Contact a cyber security specialist or legal counsel. Better yet, consult with specialists or lawyers when you first create your plan, so you already have a point of contact if an event occurs.
2. Notify your insurance company of a possible claim. When you purchase cybersecurity insurance, it’s important for your broker to understand your business and what it does, according to Smith. That can help them understand the scope of a breach and what it means for your clients or customers.
3. Contact law enforcement. Although it’s unlikely they’ll be able to do much right away, law enforcement may have investigations open, and any information of new attacks could be helpful to them.
4. Reach out to clients. In many cases, you may be contractually obligated to notify the businesses your company works with of a data breach, Smith says.
5. Alert your customer base. If you are a consumer-facing business, you should plan to alert your customers as soon as you have the full scope of the breach, and be prepared to offer compensation or free credit monitoring.
More From NerdWallet
* 5 Ways a Business Credit Card Can Help Your Business Grow
* How to Increase Prices Without Losing Customers
* Small-Business Lenders Share an Inside Look at the Loan Process
The article What Small-Business Owners Need to Know About Digital Security originally appeared on
___
(c)2024 Akron News-Reporter, Colo.
Visit Akron News-Reporter, Colo. at https://www.akronnewsreporter.com/
Distributed by Tribune Content Agency, LLC.
Supplemental Prospectus – Form 424B5
Alliant Continues Expansion of Western Footprint with the Addition of Kama Moseley
Advisor News
- Worker retirement confidence dips to lowest level in a decade
- What’s behind private equity investment in insurance brokerages
- Advisors get a win as NJ Senate passes independent contractor bill
- Why federal retirement benefits are more complex than advisors realize
- Why timing the market is still a retirement mistake and what to do instead
More Advisor NewsAnnuity News
- Best’s Special Report: U.S. Life/Annuity Industry Sees Bottom-Line Growth Despite 18% Decline in Total Income in First-Quarter 2026
- Globe Life Inc. (NYSE: GL) Records 52-Week High Thursday Morning
- Fortitude Re Completes $500 Million FABN Issuance
- Reframing retirement income for greater certainty
- Jackson Introduces Dow Jones Industrial Average Index Option, Flexible Premiums, Six-Year Rate Guarantee in Latest Registered Index-Linked Annuity Launch
More Annuity NewsHealth/Employee Benefits News
- How much money do Connecticut residents need to retire comfortably?
- Hicks Thomas Continues Managed Care Growth with Addition of Veteran Trial Lawyer Mitch Reid
- Wyoming lawmakers mull solutions to rising healthcare costs
- Minnesota health insurers seek double-digit rate increases for 2027
- Outsider Zach Lahn couldn’t stop Montana Medicaid expansion
More Health/Employee Benefits NewsLife Insurance News
- How much money do Connecticut residents need to retire comfortably?
- Earl Dudley Jr. to Become Chief Human Resources Officer at Mutual of Omaha
- How accelerated underwriting is transforming life insurance
- OVER $107 MILLION IN LIFE INSURANCE BENEFITS LOCATED FOR TENNESSEANS IN 2025 THROUGH NAIC'S LIFE INSURANCE POLICY LOCATOR SERVICE
- Maryland Heights man pleads guilty in murder-for-hire death of his mom
More Life Insurance News