Small and mid-sized businesses (SMBs) are increasingly in the crosshairs of cybercriminals. With devastating effects.
Fully one-third of SMBs were hit with a cyberattack in 2024, according to a report from Microsoft Security. With phishing, ransomware, and malware topping the list of most common cyberattacks on small businesses.
We're not talking about corporations here; nor are we talking about government entities.
We're talking about your business and our business. We're talking about businesses right here in Arkansas.
We've written elsewhere about specific cyberattacks on Natural State businesses — whether it's Rogers-based Apprentice Information Systems, Fayetteville-based Oral Facial & Surgery Clinic, Sherwood-based The Heritage Company, or Conway-based Central Baptist College. Every day, it seems, SMBs in Arkansas are targeted by cybercriminals in search of their next victim.
And how much do cyberattacks cost? Alarmingly, Microsoft Security reports that attacks on small businesses cost an average $255K!
Leading, naturally, to the question: What can small businesses do to fight back and avoid a $255K cyberattack?
We're glad you asked — because that's the first step in turning your business into a well-defended fortress against cyberattacks.
TekTrendz assembled a tip sheet to help our clients and other local businesses avoid being soft targets.
Many precautions against cyberattack are as simple as they are effective. A formidable defense against hackers doesn't require technical skill or advanced knowledge. It takes action. It takes action from you.
Unfortunately, despite the ease with which many businesses could implement these precautions, SMBs often get distracted by day-to-day business matters and simply fail to take steps like those in the list below. Sometimes, at a cost of $255K.
Don't let that be you. Take this tip sheet — and put it into action. Today.
And just give us a call if you have questions.
Using the same, simple passwords practically invites hackers. Use passwords that combine numbers, upper and lower case letters, and symbols — and use different passwords across platforms. Can’t keep track? No problem. Use a password manager.
Two-factor authentication (2FA) locks down access to software/online portals (e.g., email, banking) beyond passwords by requiring a second form of proof (e.g., authenticator app, SMS code). Done right, 2FA is a formidable barrier to hackers. Always use 2FA!
Cybersecurity is a cat-and-mouse game. Hackers scan the internet for security holes in outdated software, while manufacturers issue software updates to “patch” these holes. Don’t be a soft target; regularly install updates to operating systems, apps, browsers, etc.
Your inbox is a battlefield; it’s the entry point for most cyberattacks today. Require 2FA. Learn to spot phishing emails. Use well-secured email clients (e.g., Microsoft 365) and advanced spam filters. Tighten up your inbox to stick it to these hackers.
Hackers can use your personal information (PII), including your social media posts, to guess passwords and answer security questions. PII can also be used to impersonate you, write phishing emails, and identify security weaknesses. Be careful what you share.
Businesses often protect work computers but neglect personal, on-the-go devices like mobile phones. Don’t store sensitive info on mobile devices. Enable auto updates. Use biometrics. Be cautious with public hotspots. Turn on remote wipe (for lost devices).
Antivirus/endpoint protection. Firewalls. Encryption. SIEM/log management. Must-haves, increasingly, for businesses. Here’s the thing: All software isn’t equal. Quality matters. So does proper installation, management. Make your business a fortress.
Your data is your business. Accidental deletion or hardware failure can wipe out years of work in seconds. And hackers can hold your data hostage — demanding a huge ransom. Unless you regularly update your files. Preferably to the cloud.
Cyberattacks usually result from human error, so teach your team about phishing, passwords, 2FA, etc. Start with this tip sheet. Ensure every member of your team understands the basics of cybersecurity. Then, implement regular, online training for your team.
“An ounce of prevention is worth a pound of cure.” Never has this been more true than here. After an attack is $255K too late to get serious about cybersecurity. Train, prepare, test. Resist the temptation to delay. Be proactive.
Sometimes you just need to talk to pros — without judgment, without sales pitches, without charge.
If you're an Arkansas business with questions on how to implement these tips, or if you just need to talk with experienced, certified experts about your business IT, we're here to provide free answers to your IT questions. It's what we do.
Just click below, or give us a call at 479.696.8268. We look forward to talking.