Sitemaps
Are We Growing or Just Getting Fat?
Let's Get Back to Our Why
Does Startup Success Validate Us Personally?
How We Secretly Lose Control of Our Startups
Should Kids Follow in Our Founder Footsteps?
The Evolution of Entry Level Workers
Assume Everyone Will Leave in Year One
Stop Listening to Investors
Was Mortgaging My Life Worth it?
What's My Startup Worth in an Acquisition?
When Our Ambition is Our Enemy
Are Startups in a "Silent Recession"?
The 5 Types of Startup Funding
What Is Startup Funding?
Do Founders Deserve Their Profit?
Michelle Glauser on Diversity and Inclusion
The Utter STUPIDITY of "Risking it All"
Committees Are Where Progress Goes to Die
More Money (Really Means) More Problems
Why Most Founders Don't Get Rich
Investors will be Obsolete
Why is a Founder so Hard to Replace?
We Can't Grow by Saying "No"
Do People Really Want Me to Succeed?
Is the Problem the Player or the Coach?
Will Investors Bail Me Out?
The Value of Actually Getting Paid
Why do Founders Suck at Asking for Help?
Wait a Minute before Giving Away Equity
You Only Think You Work Hard
SMALL is the New Big — Embracing Efficiency in the Age of AI
The 9 Best Growth Agencies for Startups
This is BOOTSTRAPPED — 3 Strategies to Build Your Startup Without Funding
Never Share Your Net Worth
A Steady Hand in the Middle of the Storm
Risk it All vs Steady Paycheck
How About a Startup that Just Makes Money?
How to Recruit a Rockstar Advisor
Why Having Zero Experience is a Huge Asset
My Competitor Got Funded — Am I Screwed?
The Hidden Treasure of Failed Startups
If It Makes Money, It Makes Sense
Why do VCs Keep Giving Failed Founders Money?
$10K Per Month isn't Just Revenue — It's Life Support
The Ridiculous Spectrum of Investor Feedback
Startup CEOs Aren't Really CEOs
Series A, B, C, D, and E Funding: How It Works
Best Pitch Decks Ever: The Most Successful Fundraising Pitches You Need to Know
When to Raise Funds
Why Aren't Investors Responding to Me?
Should I Regret Not Raising Capital?
Unemployment Cases — Why I LOOOOOVE To Win Them So Much.
How Much to Pay Yourself
Heat-Seeking Missile: WePay’s Journey to Product-Market Fit — Interview with Rich Aberman, Co-Founder of Wepay
The R&D technique for startups: Rip off & Duplicate
Why Some Startups Win.
Chapter #1: First Steps To Validate Your Business Idea
Product Users, Not Ideas, Will Determine Your Startup’s Fate
Drop Your Free Tier
Your Advisors Are Probably Wrong
Growth Isn't Always Good
How to Shut Down Gracefully
How Does My Startup Get Acquired?
Can Entrepreneurship Be Taught?
How to Pick the Wrong Co-Founder
Staying Small While Going Big
Investors are NOT on Our Side of the Table
Who am I Really Competing Against?
Why Can't Founders Replace Themselves?
Actually, We Have Plenty of Time
Quitting vs Letting Go
How Startups Actually Get Bought
What if I'm Building the Wrong Product?
Are Founders Driven by Fear or Greed?
Why I'm Either Working or Feeling Guilty
Startup Financial Assumptions
Why Every Kid Should be a Startup Founder
We Only Have to be Right Once
If a Startup Sinks, Founders Go Down With it
Founder Success: We Need a Strict Definition of Personal Success
Is Quiet Quitting a Problem at Startup Companies?
Founder Exits are Hard Work and Good Fortune, Not "Good Luck"
Finalizing Startup Projections
All Founders are Beloved In Good Times
Our Startup Culture of Entitlement
The Bullshit Case for Raising Capital
How do We Manage Our Founder Flaws?
What If my plan for retirement is "never retire"?
Startup Failure is just One Chapter in Founder Life
6 Similarities between Startup Founders and Pro Athletes
All Founders Make Bad Decisions — and That's OK
Startup Board Negotiations: How do I tell the board I need a new deal?
Founder Sacrifice — At What Point Have I Gone Too Far?
Youth Entrepreneurship: Can Middle Schoolers be Founders?
Living the Founder Legend Isn't so Fun
Why Do VC Funded Startups Love "Fake Growth?"
How Should I Share My Wealth with Family?
How Many Deaths Can a Startup Survive?
This is Probably Your Last Success
Why Do We Still Have Full-Time Employees?

The Essential Cybersecurity Small Businesses Need to Invest In

Leonardo Cooper

The Essential Cybersecurity Small Businesses Need to Invest In

While it was once an afterthought, cybersecurity should now be a priority for every business. Large businesses are still the preferred target for hackers, but this trend is shifting, as more small businesses are targeted by adversaries each year.

Cybersecurity

However deciding which cybersecurity product to invest in isn’t easy. For one, the market is rapidly changing and it’s difficult to keep up to date on the best methods. Additionally, there is no all-in-one comprehensive package for a company’s cybersecurity needs. Most times, businesses have to buy each security software individually – including firewall, anti-virus, and spam-filter solutions, among others.

But just because security tools might be difficult for some small businesses to navigate, doesn’t mean they should be ignored.

Here’s three important security solutions every small business needs:

1. Endpoint protection

In a survey of 27 data security experts on the “biggest misconception companies have about account endpoint security and data protection tools,” there was one common response: that because they have a corporate antivirus installed, companies think they are fully protected.

Anti-virus software may have been enough to protect a corporate network some years ago, but in today’s world of increasingly advanced hacking techniques and technology, it counts for little.

IT solutions expert Scott Dujimovich told the survey: “The truth of the matter is that antivirus protection is becoming more and more irrelevant in terms of protecting networks against a breach. By the very nature of their design, antivirus solutions are reactive, and are only a small and supplemental tool in keeping a network secure.”

Essentially, anti-virus systems only detect infections once they are already in the system, and once they are detected, it could already be too late. And even if you can employ anti-virus protection on all devices, this does not mean your network is safe.

A recent study from Damballa, a cybersecurity company, revealed that malware could spend as much as six months on a system before it is identified by anti-virus software.

This security issue is exacerbated by the fact that hackers are more advanced and systematic in their operations than they used to be. They can now detect insecurity with a vulnerability scan, so if your company lags behind – for example, without proper endpoint security – you could be targeted first.

Corporate networks are also bigger and more complex than ever, meaning they are harder to monitor. Businesses now have an infinite number of devices connected to their wireless network. These devices – laptops, phones, etc. – are also increasingly brought in from home, leaving a plethora of unsecured channels through which viruses can enter your network.

So when investing in security, look first for a decent endpoint security system to minimise the possibility of infections entering your network. This is essentially the last barrier of protection before your computer is invaded by a virus and your network is compromised.

Make sure the endpoint security system you opt for is at the most advanced and comprehensive end of the spectrum, encompassing intrusion detection and behaviour-blocking elements that identify and block threatening actions and behaviours, either by end users or intruders. Some good examples include Symantec, Checkpoint and FireEye.

The best service is a two-sided approach, in which security software is installed on a central server or management console, and software is installed on individual devices to prevent attacks that can infect the endpoint. The software then evaluates each endpoint before permitting access – such as the operating system, applications, web browser, etc. – to make sure each device meets security standards before it connects.

2. Data Loss Prevention

Although solid endpoint protection is the best way to shore up your defences, unfortunately, this still does not leave you immune from cyberattacks. If the world’s biggest banks and governments can be hacked, your small business is also probably fair game if somebody wants in. Cyber hacks are also not the only way for data to be stolen; in the case that your hard drive or laptop is stolen, for example, anti-virus software or endpoint security will be very little help.

You should think instead of cybersecurity as a deterrent, such as a bicycle lock (the bigger the lock, the less likely a thief is likely to choose your bike). So to stay safe, buy the biggest lock possible, or pick the strongest cybersecurity system on the market.

But with data, you also have a significant security advantage. Unlike with a bike, you have the luxury of making a copy of the object you do not want to risk losing.

Making a backup is particularly important if you work in a sector where data is essential to operations – such as a bank, or a hospital. In these sectors businesses are more vulnerable to ransomware attacks. When Britain’s National Health Service was the subject of such an attack, 16 hospitals were crippled and patients were turned away as a result. In sectors such as healthcare (the most vulnerable followed by telecoms and transportation), you simply cannot take the risk of losing data as it is pivotal to the everyday operations of your business.

To prevent such an issue ever arising, regularly backup your data. Also, regularly check that these backups work. Despite having data systems in place, 75% of businesses find they are not able to restore all of their lost data, and 23% find they are unable to recover any data at all. The key is to test regularly to ensure your backup system is fully functional, thereby avoiding any potential shocks later down the line.

3. Privileged password management and access control

Every company has some form of digital asset which employees need to work, whether that is domain names, social accounts, servers, or systems. The problem is that all of these assets require a set of private credentials in order to use them, and you have to trust people to use them diligently. Unfortunately, it turns out that people are not as trustworthy as we would like them to be.

In fact, 80% of data breaches do not come from brute force cyber hacking, but rather from the abuse or misuse of privileged credentials. This can be as simple as someone leaving private credentials visible where others can see them, or a hacker successfully impersonating another employee over the telephone and requesting said employee’s username and password.

One of the best solutions to protect data is using a Hardware Secure Vault (HSM) to store data and blockchain technology to control access to this data.

A good vault – or PAM (Privileged Account Management) solution – must do four things:

  1. Store passwords and certificates in a hardware vault, which is the only proper place for this type of information;
  2. Control who has access to that information, and when;
  3. Implement approval workflows with everything being audited;
  4. Allow access to IT resources without disclosing passwords.

With these functions not only do you know that this knowledge is safe and sound, but also who is using it, when they are using it, and how they are using it.

Small companies should have three priorities defined when budgeting for cybersecurity. Instead you need to secure your network with an advanced endpoint system, to safeguard your data by backing up regularly with well-tested backups, and guard private credentials with a security vault.

Remember that just because you are a small business does not mean you are not prone to attacks, so make sure you have your bases covered.

Find this article helpful?

This is just a small sample! Register to unlock our in-depth courses, hundreds of video courses, and a library of playbooks and articles to grow your startup fast. Let us Let us show you!


OR


Submission confirms agreement to our Terms of Service and Privacy Policy.

Already a member? Login

dheepthi V

Great blog! The need for cybersecurity for small businesses is increasing rapidly.

Reply10 months ago

Start a Membership to join the discussion.

Already a member? Login

Create Free Account