6 Common Cybersecurity Mistakes and How to Avoid Them

As Cybersecurity Awareness Month comes to an end, we’ve got cyber security on the brain and want to help you avoid 6 common and expensive mistakes that small businesses often make.

We continue to become more connected and more reliant on cloud software and social media, making it easier for sensitive information to be hacked.  

Juniper Research reported that, in 2019 alone, Cybercrime has cost $2 trillion to businesses and half of those affected were small businesses. “Business threats come in many shapes and sizes, including employee theft, vandalism, break-ins and the all-encompassing data breach.

Here are 6 mistakes you want to avoid so you are protected against cyber criminals.

Mistake No. 1: Thinking it won’t happen to you.

One of the biggest mistakes small businesses make is thinking they are too small to be noticed by cybercriminals. In reality, being small is what makes you a target.

Take precautions so that you aren’t caught off guard.

Mistake No. 2: Being too lax with admin account access

Rob Clyde, managing partner at Clyde Consulting and the chair of the board of directors for the non-profit ISACA information security organization explains,Admins have full privileges and often have access to the keys to the kingdom in the virtual and cloud environments. That means a hacker who gains access to an admin account can literally take down an entire enterprise. And yet attacks targeted at admins are commonly overlooked.

Clyde recommends that companies reduce their number of admin accounts and ensure that they are available only to those who need them. He also recommends adopting granular security so that permissions can be monitored and you only grant access to the resources that admin truly need to do their work.

Mistake No. 3: Using weak passwords and not changing them often enough

This article from Refinery 29 has great pointers for creating an unhackable password so you can cover your bases: How To Create An Unhackable Password (& Remember It).

Mistake No. 4: Lack of ongoing training on cyber security vulnerabilities

It’s good practice to test your staff and continue to train against the potential vulnerabilities you uncover. 

Clyde explains,“Anti-phishing training is particularly important because of how frequently it’s the way companies are breached.”

He goes on to say that,For training to be successful, you’ll need to send non-harmful, phishing emails to employees and then measure how they responded. How many actually fell for the bait and clicked? And then do more training, until people respond properly.”

Mistake No. 5: Not installing software and system updates when they become available

When new updates or patches are released, don’t wait too long to install them. 

The bad guys know what all the vulnerabilities are —its public information,” Clyde says. “The exploits are out there for all to see and use on the Internet. So you’ve got to be vigilant in keeping systems up to date.” 

Mistake No. 6: Trying to do it on your own

With technology constantly changing and evolving, it might make sense for you to enlist the help of professional security providers. This depends on your comfort level and whether or not you have an IT department you can lean on. Having someone to help allows you to turn to a designated resource to help you through challenges that may come up.

If you can’t use a vendor to outsource your IT, you want to consider software options that can help bridge the gap.

Here are some options to consider having in your repertoire for cyber protection.

**We are not compensated for sharing the software, apps or websites we tell you about. We share these resources because we find them helpful. Please do your own research and do what is best for you and your business.**

AVG Internet Security Business Edition: Engineered for small businesses. Safety and security are top of mind with this software as it blocks dangerous software, encryption, and file shredding.

Avast Business Antivirus Pro Plus: Great to use if you are a company with mobile workers, and protecting data is critical. It has all the features such as a firewall, VPN, and data shredder. It can slow down operating systems and is more expensive in nature.

Learn about more options here from CNET — they cover what’s new in tech, culture and science, why it matters, how it works and what you need.