Small businesses and work at home entrepreneurs are being targeted by ransomware at an alarming rate and over 80% of businesses that pay a ransom will get attacked a second time. In fact, hackers, scammers and viruses are getting smarter every day and cybersecurity measures, to keep company information safe and secure, is one of the most overlooked investments small businesses skip and it can be a very expensive oversight.
Christopher Bartosz is a cybersecurity expert and the President and CEO of FVC Technologies that focuses on servicing small to mid-sized businesses across the nation as their outsourced IT department. His company provides not only IT management, but cybersecurity solutions that keep the company secure and he has identified four of the biggest mistakes small businesses make when it comes to cybersecurity.
#1 - Thinking a business is too small for an attack. No business is too small to be the target of a hacker including work at home entrepreneurs. According to Bartosz, "If you have a bank account, you're at risk of a cyber attack. Fifty percent of small and mid-sized businesses have experienced at least one cyber attack in the past year."
#2 - Not understanding most consumer anti-virus programs won't protect them against all hackers. The typical anti-virus software, also known as anti-malware, is originally designed to prevent, detect, and eliminate malware and viruses. These programs usually run in the background to provide protection but with the explosion of other malware, antivirus software cannot always protect against the latest computer threats. Small business owners and work at home entrepreneurs think they've done everything they can to protect and make their laptop and computer systems secure when they are installed. However, according to a recent survey by Fortinet, 81% of small businesses report that new types of attacks have evaded their traditional security solutions including anti-virus software.
#3 - Thinking that IT and cybersecurity are the same thing or relying on a friend for IT Support. It's great to have a friend who can be consulted for basic IT, or Information Technology, support, but one big mistake people make is thinking that IT and cybersecurity are the same thing. Bartosz says, “Basic IT support and cybersecurity are a completely different skill set. IT support can fix basic computer problems, but not necessarily close the holes hackers are trying to get in. Relying on a friend who knows ‘something about IT’ is just enough to be dangerous."
#4 - Looking at IT security as an expense and not an investment. Small businesses and entrepreneurs think they're protected with a consumer anti-virus program that costs around $70, but that is not always enough. In fact, according to Fundera, small and mid-sized businesses spend an average of $955,429 to restore normal business in the wake of successful attacks. Alarmingly, as many as 60% of companies go out of business six months after an attack.
Most small businesses are, unfortunately, vulnerable to cyber attacks, but there are preventative solutions to mitigate the risks. FVC Technologies takes a security first, not an 'IT support' first approach. According to Bartosz, "We provide a risk assessment that often reveals hidden doors for hackers to walk right on in and then show our clients this information so we can put together a plan to close and lock those doors."
Bartosz also recommends investing in a professional and next generation endpoint protection program that scans in real time and catches vulnerabilities, "When we work with clients, we offer them an A.I. driven level of protection that is only available to IT professionals. Larger companies should expect to dedicate 7-10% of their IT budget for cybersecurity and smaller companies who do not have an IT budget should plan on spending 3% of their total budget on cybersecurity. It's a form of insurance especially compared to the expense of a data breach or ransomware attack."
Christopher Bartosz is the author of two books on cybersecurity including Why Your Business Must have Cybersecurity Risk Assessments and Cybersecurity Now and he provides education and security training to the companies he serves. He has extensive knowledge of multiple government regulations that he uses to ensure his clients who hold government contracts remain compliant and secure.