By continuing to access our website, you agree to our privacy policy and use of cookies.

Skip to Main Content

Press "Enter" to search


Cybersecurity Tips for Small Businesses

Small businesses are vulnerable to cyberattacks. These cybersecurity tips can help reduce that vulnerability.

April 13, 2023

Cyberattacks and data breaches not only threaten large employers but also present a major concern for small businesses. In many instances, small businesses can be more vulnerable to cyberattacks because they lack the resources, protocols or proper systems to protect themselves. According to the Identity Theft Resource Center’s 2022 Business Impact Report, nearly 45% of small businesses and self-employed individuals experienced a security or data breach between July 2021 and July 2022.

Cybercriminals frequently target customer and employee data. While external threat actors are the most common causes of data breaches, incidents involving remote workers, malicious insiders, third-party vendors and human error also leave small businesses exposed. Here are some essential tips to help small businesses protect themselves from cyberattacks:

  • Use strong passwords and authentication. Requiring employees to use unique passwords—changing them frequently—and implementing multifactor authentication can reduce the risk of cybersecurity breaches.
  • Train employees. Establishing security policies—such as requiring strong passwords and creating internet use guidelines—and training employees to recognize threats can be one of the best ways organizations can protect themselves. Services such as KnowBe4 can help staff improve their information security knowledge and practices.
  • Back up critical data. Organizations should regularly back up critical data, like word processing documents, spreadsheets, databases, financial and HR files, and account information. If small businesses can’t back up data automatically, they should do it at least weekly, storing it offsite or in the cloud.
  • Use virus protection software. Ensuring security software, web browsers and operating systems are updated can often be the best defense against viruses, malware and other online threats. Employers should update virus protection software regularly and scan all computer files after each update.
  • Install firewalls. Firewalls prevent outsiders from accessing data on a private network and act as gatekeepers between an organization’s computers and the internet. Employers should ensure that their operating system’s firewall is enabled. If any employees work remotely, organizations should ensure those workers’ systems are firewall protected.
  • Secure networks. Small businesses should ensure their Wi-Fi networks are secure, encrypted and hidden, and router access is password protected.
  • Control access to computers. Lost or stolen computers can make an organization vulnerable to cyberattacks. Employers can reduce this risk by creating separate user accounts for each employee and requiring strong passwords. Employees should ensure their devices are locked when not in use.
  • Create a plan. Every business, no matter how small, should have a cybersecurity plan. The more complex your business, the more likely you will be to benefit from hiring cybersecurity experts to plan for and address cyber threats. The Federal Communications Commission has developed a site where small businesses can create a free customized cybersecurity plan.

The internet allows small businesses to reach new customers and can improve productivity, but it’s not without risk. By establishing cybersecurity protocols and creating a culture of security, small businesses can protect themselves and their data from growing cybersecurity threats.

Contact a Hylant risk management expert if you would like to discuss more ways to safeguard your business and employees.

The above information does not constitute advice. Always contact your insurance broker or trusted advisor for insurance-related questions.