SMBs are even more vulnerable to cyber attacks than larger companies, says Fortinet report. Source: Shutterstock

Your small business is more vulnerable to cyberattacks than you think

CYBERSECURITY is crucial for organizations of all sizes, yet the common belief is that smaller firms are at a lesser risk simply due to the size of their companies. This could not be further from the truth.

In fact, according to Fortinet’s Q3 Threat Landscape Report this week, small and medium businesses (SMBs) are even more vulnerable to cyberattacks than larger companies.

Why is this? Anthony Giandomenico, senior security strategist and researcher at Fortinet, said this vulnerability comes from SMBs’ faster adoption of cloud services.

Additionally, Giandomenico tells Tech Republic that smaller firms also tend to have less advanced security programs in place.

According to Fortinet’s report:

“… it may be that companies of this size represent a good ‘bang for the buck’ for criminals. Smaller firms likely have less protection but also less (or less valuable) data. Larger firms certainly have the data, but also greater resources with which to protect it.

“Midsize firms typically have a large enough digital footprint to attract attention, enough valuable data to make them a worthwhile target, and yet not nearly the resources of their larger counterparts.”

The report which tracked exploits, malware, and top botnets in the third quarter of 2017, also noted an increase in attempted attacks heading into the busy holiday shopping season.

So, if you run an SMB and think you’re never going to be the target of cyber criminals, think again. It’s time to start putting a security plan in place. Here’s what you should include in your thought process when putting together a strategy:

Understand emerging trends and evolving risks

It is crucial that your SMB begins with having a good understanding of vulnerabilities that can impact your business. Some of the most common cyberattack methods to be aware of include phishing emails, malware threats, keylogging, and identity theft.

Know everything your company is responsible for

Giandomenico advises companies to ensure they are fully aware of all the assets they own and are responsible for. After all, you can’t protect something if you don’t know about it.

Password management

Perhaps one of the most common reasons why businesses can be compromised is due to the same passwords being used between accounts and devices. Hackers can easily use a single password to cause a large amount of damage to your company.

To decrease risk of threat, a unique password should be used for each account, using a mix of letters, numbers, and symbols. These passwords should also be changed on a regular basis.

Password managers such as LastPass seeks to address this issue by creating unique passwords for each of your accounts, and storing them securely so you don’t need to remember them. Using a variety of encryption algorithms and tools such as finger recognition, password manager software can provide high security to your business accounts.

Practice good cyber hygiene

The Fortinet report found in multiple instances, organizations would often see the same botnet several times. Why? Because they did not have a good response plan. For your company, it is important to document any areas of vulnerability in order to best prepare yourself for any threats.