In the wake of Russia’s invasion of Ukraine, cybersecurity concerns in the US are mounting for small businesses, home offices and larger enterprises, according to national security alerts issued by the FBI, DHS and CISA.
Even though government-sponsored attacks are gaining public attention, cyberattacks from independent actors or groups are always a concern for small to midsize businesses. Factors like budget and IT staff limitations can leave small businesses more vulnerable to cyberattacks. The Small Business Administration reported there were 32.5 million small businesses in the US as of 2021.
There’s no foolproof way to completely protect yourself from online attacks, but the first step is to understand what the threat is, where your business may be at risk and which proactive steps you can take. To that end, we’ve compiled a list of cybersecurity tips for small business owners.
Know the most common cyberattacks
Cyberattacks can take many forms and are constantly evolving, according to the US Small Business Administration, but the best defense is knowing the most common cyberattack forms like malware, viruses, ransomware and phishing.
Malware is an umbrella term for malicious software that aims to damage your computer, server, network or client.
Viruses and ransomware are also considered as types of malware. Viruses mean to infect your computer as well as other devices, leaving your system vulnerable. Ransomware, which has been on the rise in the US, works like a virus, but is usually delivered through a phishing email and essentially holds your system hostage until a sum is paid.
Phishing is a type of scam that tricks people into clicking links that appear legitimate, but are actually malicious. Clicking the link infects your device with malware. Once your system is infected, cybercriminals can attempt to steal sensitive information. Phishing falls in a wider category of social engineering, a tactic meant to deceive individuals into disclosing sensitive information or clicking a malicious link.
Train employees to be security-conscious
Cybersecurity is a team effort. Make sure your employees create strong passwords and reset them on a regular schedule. Employees should be aware of red flags that indicate phishing emails and malicious files, as well as have an action plan in the event that an attack happens. It’s also important to keep devices, software and browsers up to date. The FCC suggests establishing clear guidelines for internet use, how to best handle customer data, as well as penalties for violating those policies.
Secure your Wi-Fi networks
Your business’ Wi-Fi should be secure, encrypted and hidden, according to the FCC. Your business’ router needs to be password protected, and it shouldn’t broadcast the network name.
If your small business is operated out of your home, consider whether it’s time to upgrade your router to handle modern security threats. If you’re new to Wi-Fi networking, CNET has a handy FAQ that covers the basics.
Read more: How to access router settings and change your Wi-Fi password
Back up your files
Cyberattacks often mean to compromise, delete or steal your data. Backup programs can help mitigate this risk. It’s even better if the backup software you’re using lets you set up a schedule or automate backups, according to cybersecurity firm Kaspersky. Keep a copy of your backups offline in case of a cyberattack.
Use antivirus software
Finding the right antivirus software is an important weapon in your small business’ arsenal against cybercrime. Antivirus software doesn’t have to break your bank either — Microsoft Defender is free for Windows, for example. Check out CNET’s guide for the best antivirus software for more information.
For more information, check out big tech’s efforts to support Ukraine shift the industry’s role and how you can help Ukraine refugees and those affected by Russia’s invasion.