For the online business, cyber crime is, indeed, an ever present threat and an ever present reality. What most small business owners and online entrepreneurs fail to understand, however, is how inevitable it might be. Most current research suggests that small business just assumes their risk tolerance to be almost zero so they take no precautions. This, unfortunately, is well known to cyber criminals and hackers which is why small businesses are their easiest prey.
All a small business, or online entrepreneur, needs is just one breach, one hack, to cause irreparable damage. The losses incurred to their reputations, as well as their customer base, usually does not allow for most small businesses to recover. Most of all, many small businesses do not sit with their risk management advisors in an effort to try and mitigate it or to transfer this risk through liability insurance.
Cyber security experts know that small businesses are the most favored targets for cyber criminals. Very small business, especially those based online, have customer credit card info as well as direct links and access into their own payment systems and bank accounts. Another recent tactic being employed is for a criminal organization to penetrate a small business’ servers and then just be patient. If your company is in an industry that is currently experience unprecedented growth, the thieves will simply wait and see if you sell out to one of the major players in your industry. When you do just that, the thieves are now into some serious criminal territory.
The most important thing for a small business owner to do is to perform a regular risk audit of all systems within the company, not just your IT. The most glaring risk are your employees themselves especially those that have sensitive company information stored on their own personal computers, mobile devices or laptops.
Your first step in a risk audit needs to be determined by the specific nature of your particular business. Online companies need to mitigate risk with regard to denial of service attacks. Your accounts payable systems are among the most vulnerable so re-examine your procedures there to mitigate future risk. Educating your employees must be an ongoing strategy. They must follow your procedures and be ever vigilant.
In the end, the small business must simply assume that they have a giant target on their back. Expect that you will be hacked and compromised. In addition, you can mitigate risk to your systems by regular data backups. Also, teach your employees to recognize certain signs of potential penetration and show them what they need to do to prevent it or bring it to the attention of the decision makers.
