On July 20th, Brian Dennis, cybersecurity specialist with the America’s SBDC Kansas, gave a presentation for the Manhattan Area Chamber of Commerce on Continuity and Cybersecurity that focused on the importance of good cybersecurity policies and practices for small businesses.
Small businesses, often easy targets of opportunity, are increasingly at risk of stolen, corrupted, or lost data due to cyber threats from hackers, spyware, and malware. 40-60% of small businesses without recovery plans that fall victim to data breaches plans never recover from the attacks, and of those that do, the majority go out of business within 3 years. Loss of business continuity, loss of customer /client trust, loss of contracts, damaged stakeholder relations, legal fees and recovery costs are heavy burdens for small businesses to bear. Cybersecurity is an area where the old adage, “an ounce of prevention is worth a pound of cure,” definitely applies; but not only is it important for small businesses to minimize their exposure to cybersecurity risks, it is also important for them to have a well thought out recovery plan.
This autumn, the Kansas SBDC will be launching its innovative DatAssured ™ cybersecurity center to help small business owners in Kansas with industry-specific preparedness assessment, vulnerability testing, protection protocols and recovery plans for cyber threats. This center will bring Kansas to the forefront nationally in the rapidly developing world of cybersecurity.
Brian’s Top Ten Tips for Small Business Owners:
- Protect against viruses, spyware and other malicious code by using antivirus and anti-spyware software configured to update automatically.
- Secure your networks by using a firewall, encrypting information, hiding your wi-fi networks and requiring passwords for access.
- Establish security practices and policies for how employees should handle and protect sensitive data and for how violations of policies will be handled.
- Educate employees about cyber threats to protect your business’s data, including safe practices for use of social networking and email.
- Require employees to use strong passwords and consider implementing a multi- factor authentication protocol.
- Employ best practices on payment cards by isolating payment systems from other less secure systems, e.g., do not surf the internet on the same computer that is used for processing payments.
- Regularly back-up data, preferably automatically, and store backup copies in distinct locations.
- Control physical access to, and use of, your business computers and devices.
- Create a mobile device policy that requires users to password protect devices and to use security apps to prevent criminal access to data; and outline procedures for lost or stolen equipment.
- Protect all pages on your business website and social media.
The Kansas SBDC will be hosting a one-day small business cybersecurity conference at the Wichita State University Metroplex on October 4th. Once registration for the conference opens, we shall post information on our WU KSBDC social media. Small businesses in Kansas can contact their local SBDC for guidance in assessing their understanding of cybersecurity, their current status in regard to averting risks in this area and their preparedness for recovery. We encourage small business owners to take their cybersecurity seriously because we care about the health of our small businesses.
Laurie Pieper, Ph.D.