We will see security breaches continue to rise as long as cybercriminals continue to hone their skills and tactics. They will continue to prey on small businesses, and they are diligent in their efforts to attack. Despite this risk, SMB owners continue to underspend on cybersecurity, this may be due to cost or the idea that they are not a target. According to the State of SMB Cybersecurity reports, half of the 28 million small businesses in the U.S. have been hacked by cybercriminals. That is 14 million small businesses, folks. You are a target, we all are.
The most common reason for cyber intrusion is HUMAN-ERROR. It is important to train employees on what they are or are not doing that may be leaving your company vulnerable. Offering Security Awareness training for your employees provides them with the knowledge they need to greatly reduce your odds of getting hacked.
What are employees doing that will get you hacked? Below are the top 5 most common mistakes:
Not Being Aware
Employees should be aware that they are a target for cybercriminals and that IT IS THEIR JOB to help stop them from carrying out a successful attack.
Unprotected Email
Employees often have 2-step verification shut off. Enabling 2-step verification is simple to in most email platforms. After a 2-step verification is enabled, a code will be texted to the employees’ phone making it so that a cybercriminal would have no way to access that email account.
Clicking on Fake Emails
According to cybersecurity company PhishMe, 91% of cyberattacks begin with a spear-phishing email. These emails are designed by hackers to look like authentic support departments, such as Microsoft or Google, or could even appear to come from you (their boss). Once an employee falls for a phishing scam, their computers/mobile devices become infected with ransomware.
Weak Passwords
SplashData reported that the most common password is 123456. Not only is this a very weak password to begin with, but people are often reusing their easy to crack password across multiple sites and accounts.
No Backup
There is a good possibility that at least one employee in your company isn’t backing up the data he or she is supposed to be, which is a major problem. Not only is there a risk of files being lost due to technical issues, but there is also danger in losing those files to a cybercriminal. During a ransomware attack, a cybercriminal locks the user out of their account and denies them access to their files unless a ransom is paid. Even after the ransom is paid, there is no guarantee that the files will be returned to the user, making backup files crucial.
Training your employees on security is vital and a great way to ensure they know what to look out for to help prevent a hacker from carrying out a successful attack on your business. In addition to security awareness training, it is beneficial to share these 5 common mistakes with your employees to bring them to their attention and help them understand the risks.
To learn more about the biggest risk factors in your business, call today at 918.436-1830.