Three Ways Small Businesses Are Failing at Cyber Security

Recent cybercriminal activity has focused on high-yield, low-cost strategies, like phishing emails, which rely on human error. Unfortunately, human error  accounts for nearly 84 percent of cyberattacks.

The most advanced technology can’t stop people from opening email attachments or clicking malicious links. What if 84 percent of cyberattacks could be prevented through extremely inexpensive and simple means?  Would you do what needed to be done? Here are three ways you may be failing at cyber security right now.

Putting Off Software Updates

It’s common for people to delay software updates with the intention of doing them when they are “less busy” or waiting until kinks and bugs are worked out. The truth is, you probably won’t be “less busy” anytime soon. Sorry to break it to you.

More importantly, new security procedures are introduced through updates, which are designed to patch vulnerabilities. Such procedures are often newly discovered solutions to stop rampant attacks. Visit your providers website to verify that your devices have the most recent updates.

Keeping Passwords in an Easily Accessible Location

We recently spoke to small business owner, Max Robinson – owner of Fish Tank Bank, and learned about his company’s experience getting locked out of their business accounts. The time and money spent to recover those accounts was the price they paid to learn “that you shouldn’t have passwords saved anywhere, but if you absolutely must, then you certainly shouldn’t keep all your passwords in one place.”

Cybercriminals are like water, in that they will take the path of least resistance. If there is a chance your company’s passwords, especially those selected by employees, are easy to locate or guess, cyber-crooks will find them.

Not Prioritizing Employee Education

Phishing emails and malicious websites are the two most prominent ways cybercriminals gain access into your computer and distribute malware. These strategies can usually be spotted before the damage is done, but it helps to know what you’re looking for. Share this knowledge with your employees!

• Poor spelling and grammar: Companies usually hire professionals to write and/or edit content. If something seems fishy about an email, it’s probably because it is phishy.
• Threats: While a company may use urgent language to advertise a promotion, they probably won’t tell you if you don’t act now, you will be locked out of your account indefinitely.
• A popular company’s name is present: Phishing emails will often be sent under the guise of a well-known business. Even if the official logo is present, and it appears to link to the official webpage when you rest your cursor over it, don’t open attachments or click links. Look at the sender’s email; any misspellings are a giveaway.

Not Considering Expert Help (even when it's free)

Work with security experts to find and fix weaknesses in your company’s network. Hummingbird Networks can evaluate your system and covertly test your employees with a variety of “con man” techniques for FREE.

84 percent of cyberattacks can be easily and cheaply avoided! What are you waiting for?