Small Business and Cybersecurity

By: Robert Hendrix, CPA, MBA, Audit Manager

Not a week goes by without a new hacking story in the news. Whether it’s Target, Yahoo, the DNC, even the NSA was hacked last year, these big headlines show just how vulnerable we all are. Small businesses are becoming more and more targeted due to not having the resources, and more importantly, not having a plan to mitigate their risk.

The end goal of the attacker is to take and exploit an organization’s sensitive data. The cyber enemies retrieve this data through malware, password attacks, phishing or other more complicated tactics. They seem to have unending resources to continue to beat the protection on the shelf. These exploits can bring harm to your customers and members, and affect how your brand and reputation are viewed in your community. 

So what can I do to protect my organization? What best practices will keep my company as safe as possible?

  • Cybersecurity Insurance – Your general liability insurance does not often cover you from cyberattacks. It is important to really look into your policy to see what kind of coverage you will receive. There is a large variance in the different types of coverage, so make sure you have the correct coverage for your needs. 
  • Software – Keeping your software up to date is an easy way to help make sure you have the initial protection that you need. Hackers know where the weaknesses of the software are, and not having the corrected patches makes your organization more vulnerable.
  • Infrastructure – Have a redundant technology infrastructure that continuously backs up your data to multiple areas. Having your information saved on multiple servers will allow you to recover your information and restart normal operations without significant downtime. 
  • Security Policies – Regularly updating and strengthening passwords, and informing your employees on how to be safe while on your network is one of the easiest ways to protect yourself. Limiting personal emails and social media websites are also a good way to keep the bad guys out. 
  • Risk Assessment – Have an IT consultant review your system to educate you on where you are vulnerable. Paying a consultant may seem expensive, but can you put a cost on your organization’s reputation?

Whether you are a large or small business owner, cybersecurity is a part of being in business. Are you doing enough to protect yours?

For more information call Osborne Rincon CPAs at 760-777-9805.