October 25, 2022 — While other awareness campaigns may have little or nothing to do with your small business, you might want to pay some attention to October’s National Cybersecurity Month.
It’s an opportunity to continue to learn about cybersecurity and why it should be a priority for your business. You could gain some new insight, including another look at things you thought you already knew.
“Cybersecurity should not be an afterthought,” reminds the National Cyber Security Alliance, which with the U.S. Department of Homeland Security (DHS) launched the first National Cybersecurity Month in October 2004.
A good reminder of cybersecurity basics.
National Cyber Security Month can be a good time for businesses to review basics, like building security into products and processes.
The Alliance website suggests that creating strong passwords and using multi-factor authentication, backing up your data, and updating your software are great places to start.
“For individuals, keep cybersecurity at the forefront of your mind as you connect daily. Before purchasing a device or online product, do your research. When you set up a new device or app, consider your security and privacy settings and update default passwords.”
Small businesses remain targets.
Cybersecurity experts emphasize that while security breaches at big companies and organizations, such as the Houston Rockets and the New Metropolitan Transportation Authority, are in the headlines this year, small businesses remain at risk of attacks.
“SMBs are also targets for bad actors — costing them downtime, data, business, and revenue.
produced some he first half past year,” writes Shena Tharnish in Security magazine.
“Cybersecurity threats are constantly evolving, and the risks aren’t diminishing any time soon.”
Make plans in the event of a cyberattack.
A survey from CNBC and Momentive indicates that a majority of small business owners in the U.S. are not worried about being the victim of a cyberattack.
Further, according to a CNBC story by Eric Rosenbaum, a majority of the small businesses (59%) told the Q3 Small Business Survey that they were confident that if they suffered a hack, they would be able to resolve the attack quickly.
“And yet, many say they have no formal cybersecurity response plan in place; some business owners admit they don’t even know if their business has a cyberthreat plan,” according to the CNBC Small Business Playbook post.
Only 28% of small businesses in the survey said they have a plan in place to respond to a cyber attack. Almost half (42%) said they have no plan, but 14% did say that while they currently have no cybersecurity response plan, one is in development.
“Reaction time is critical in the event of a data breach or attack, so SMBs shouldn’t wait until an incident occurs to develop a detailed incident response plan — in that scenario, it may already be too late to mitigate much of the damage,” writes Tharnish in the Security magazine post.
Stay vigilant on what a cybersecurity breach looks like.
For many small businesses, this means keeping an ongoing awareness about possible phishing scams.
Phishing remains one of the biggest threats to businesses of all sizes, and scammers have been particularly busy during the pandemic, writes Tharnish in Security magazine.
“Google, which alone blocks more than 100 million phishing emails each day, reported that in mid-April 2020, its systems were detecting 18 million malware and phishing Gmail messages per day related to COVID-19.
She advises: “SMBs thus must educate employees on the dangers of phishing — stressing how easy it is for someone to mistake those emails for legitimate and therefore click the phishing link — and provide instructions on what to do if something seems suspicious.”
Educate yourself during National Cybersecurity Month.
For the 18th year, the National Cyber Security Alliance (NCSA) and the U.S. Cybersecurity and Infrastructure Agency (CISA) are co-leading the effort to promote the importance of cybersecurity awareness in October during National Cybersecurity Month.
This year’s theme is “Do Your Part. #BeCyberSmart.”
“The theme empowers individuals and organizations to own their role in protecting their part of cyberspace,” says the Alliance on its website. “If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences or training employees – our interconnected world will be safer and more resilient for everyone.”