“Small businesses are not immune to cyber attacks and data breaches, and are often targeted specifically because they often fail to prioritize security.”Paul Lipman, CEO of BullGuard
A cyber attack is the single largest risk to your business today.
NO, that is not meant to scare you. But YES, it is rather scary.
If you want to protect your company from ransomware and many other harmful cyber threats that wreak havoc on small businesses—you’ve come to the right place.
This page was specifically designed to help small and midsize businesses (SMBs) without big security budgets, and dedicated security teams get up to speed on cybersecurity and understand what you can do to protect your business from ransomware and other cyber threats.
In other words, we’re here to keep hackers out of your business!
Frequently Used Definitions:
Ransomware: A type of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to decrypt the files.
Cyber Threat: A cybersecurity threat or cyber threat is a malicious attack on an information system.
Malware: Short for “malicious software,” malware is any software used to disrupt computer operations, gather sensitive information, or gain access to private computer systems.
Cyber Attack: An attempt to damage or destroy a computer network or system.
Cybersecurity: The practice of protecting electronic information by mitigating information risks and vulnerabilities.
Small Business: The definition of a small business varies, but on this page, we define a small business as any company with 500 employees or less.
Here’s the first thing you need to understand…
Cybersecurity is a very real issue for businesses in all industries, throughout big cities and small towns, regardless of the products you sell or services you provide...
… And in no way does the size of your company make you “less of a target” for cyber criminals.
On this page, you will find almost everything you need to know (we did our best) to develop a cybersecurity strategy that will…
- Protect your business from ransomware and other cyber threats
- Educate your employees on how to be your first line of defense
- Keep your customers’ sensitive data out of the hands of hackers
- Help you establish a culture of cybersecurity in your organization
Table of Contents
Chapter 1: The Rise in Ransomware on SMBs
Chapter 2: The Not-So-Small Costs of a Ransomware Attack
Chapter 3: Cyber Threats You Must Know About
Chapter 4: Cybersecurity Best Practices That Could Save Your Business
Chapter 5: Testing the Strengths and Weaknesses of Your Cybersecurity
Chapter 6: Budgeting for Cybersecurity Like a Pro
Chapter 7: Building Your Cybersecurity Team
Chapter 8: Understanding Compliance So You Can Avoid Penalties
Chapter 9: Cyber Liability Insurance for the Win
Chapter 10: What to Do When You're Hit by Ransomware
Ready? Let's get started!
The Rise of Ransomware on SMBs
"Small businesses are now the preferred target for ransomware attacks." — Cisco 2018 Annual Cybersecurity Report
You may be thinking, "Ransomware? Isn't that a problem for big companies?"
While ransomware attacks on large enterprises do make the news headlines, small businesses are now the preferred target for ransomware attacks. In fact, 43% of all cyber attacks target small businesses.
Well, for starters, small businesses typically have less cybersecurity infrastructure and fewer cybersecurity measures in place than larger organizations. This makes small businesses an easier target for cyber criminals.
In addition, small businesses often lack the resources to effectively respond to and recover from a ransomware attack.
As a result, ransomware attacks on small businesses are on the rise. In fact, the number of ransomware attacks increased by 105% over the past 12 months.
What’s more, according to Sophos, the average cost to recover from a ransomware attack was $1.85 million in 2021. Recovery costs have increased significantly over the past few years, with the average cost of a ransomware attack increasing by 66% since 2019.
But more on that in the next chapter...
Moral of the story?
Ransomware has become a very real threat to small businesses. And, the costs of a ransomware attack can be devastating…
Want to read later? Download How to Protect Your Business from Ransomware and Other Cyber Threats
The Not-So-Small Costs of a Ransomware Attack
As we just discussed, the average cost to recover from a ransomware attack is $1.85 million. But that’s just the average. The actual cost of a ransomware attack can vary significantly from one business to the next.
In some cases, the cost of a ransomware attack may be relatively low. For example, if you have a good backup system in place and you are able to quickly recover your data, the cost of the attack may be limited to lost productivity and downtime.
In other cases, the cost of a ransomware attack can be much higher. For example, if you don’t have a good backup system in place and you are not able to quickly recover your data, the cost of the attack may include:
• Lost productivity
• IT support
• Legal fees
• Ransomware payments
And while we're on the topic of ransom payments. The average cost of a ransom payment is now $570,000. That’s up from $116,102 in 2019.
While there is no guarantee that paying the ransom will result in the recovery of your data, many businesses feel they have no choice but to pay the ransom. In fact, about 3 of 4 businesses that have been attacked with ransomware end up paying the ransom.
As you can see, the price tag of a ransomware attack is rarely manageable, with 60% of companies going out of business within 6 months of a ransomware attack.
Another part of the damages that come with a ransomware attack are hidden costs. Hidden costs are the damages that are not immediately apparent. For example, a ransomware attack may damage your reputation and relationships with customers, partners, and suppliers.
A ransomware attack may also result in the loss of sensitive or confidential data. This can lead to regulatory fines and legal fees.
The cost of a ransomware attack can be significant, both in terms of direct and indirect damages. And, in many cases, the cost of a ransomware attack is simply too much for a small business to bear.
The hard part is that it's not only ransomware you have to worry about. There are other sneaky cyber threats out there too...
Download Infographic: 9 Hair-Raising Cybersecurity Stats Every Business Must Know →
Cyber Threats You Must Know About
In addition to ransomware, there are a number of other cyber threats that you should be aware of. Here are just a few:
• Denial-of-service (DoS) attacks
• SQL injection
• Man-in-the-middle attacks
Each of these cyber threats can have a significant impact on your business. And, in some cases, they can be just as damaging as a ransomware attack.
Cyber Threats to Know
Phishing is a type of cyber attack that involves sending fraudulent emails or text messages in an attempt to steal sensitive information.
Phishing attacks can be difficult to spot because they often appear to be from a legitimate source. For example, the email may appear to be from your bank or another trusted organization.
Once the victim clicks on the link in the email or text message, they are taken to a fake website that looks legitimate. The victim is then asked to enter sensitive information, such as their login credentials or credit card number.
Phishing attacks can be devastating for small businesses. In fact, phishing was the leading cause of data breaches in 2019.
Malware is a type of malicious software that can cause serious damage to your computer or network. It can be used to steal sensitive information, damage data, or take control of your computer.
Malware can be delivered via email, text message, or website. Once the malware is installed on your computer, it can be difficult to remove.
A denial-of-service (DoS) attack is a type of cyber attack that renders a computer or network unusable. DoS attacks are often used to take websites or other online services offline.
DoS attacks work by flooding the target with traffic or requests until the system is overwhelmed and can no longer function.
SQL injection is a type of cyber attack that exploits vulnerabilities in databases. SQL injection attacks allow attackers to execute malicious SQL queries that can result in the loss of sensitive data.
A man-in-the-middle attack is a type of cyber attack where the attacker intercepts communications between two parties. The attacker can then read, alter, or even delete the data being exchanged.
Man-in-the-middle attacks are often used to steal sensitive information, such as login credentials or credit card numbers.
For a full list of cyber threats your business should be aware of, be sure to read: The 2022 Cyber Threats Glossary
Cyber Best Practices That Could Save Your Business
There are a number of cybersecurity best practices that can help to prevent ransomware and other cyber threats.
But before we dive into these strategies, it would be helpful to know what a cybersecurity best practice is. Here's the definition from CIS (Center for Internet Security):
"A cybersecurity best practice is a method or technique that has consistently shown results that are superior to those achieved with other means, and can be adopted by organizations to help improve their cybersecurity posture."
In other words, cybersecurity best practices are tried and true methods for keeping cyber criminals away from your important systems and data.
Common Cybersecurity Best Practices
Creating and maintaining strong cybersecurity policies and procedures to ensure that all employees are aware of the latest cybersecurity threats and how to protect against them.
Training employees on cybersecurity best practices to help prevent ransomware attacks and other sneaky cyber threats.
Using simulated phishing attacks to test employee awareness of cybersecurity threats and their ability to identify and report suspicious emails.
Conducting regular security audits and penetration tests to identify vulnerabilities in your system so they can be fixed before an attack occurs.
Investing in cybersecurity insurance to help offset the costs of a ransomware attack or other data breach.
Implementing two-factor authentication (2FA) for all online accounts. 2FA adds an extra layer of security by requiring a second factor, such as a code from a mobile app, in addition to a password.
Regularly backing up data to an offsite location. This way, if data is encrypted by ransomware, you can restore it from the backup.
Keeping all software up to date and making sure you apply all security patches as soon as they're released.
Implementing strict password policies, such as requiring employees to use strong passwords and regularly changing them every 90 days.
Restricting access to sensitive data and systems to only those who need it
Monitoring your network for unusual activity. (If you see something suspicious, it could be a sign that your system has been compromised.)
Working with a cybersecurity expert to help you understand the latest threats and how to protect against them.
Investing in cybersecurity insurance to financially protect your business in the event of a cyber attack.
While there is no silver bullet when it comes to cybersecurity, following best practices can help reduce the risk of a ransomware attack or other cyber threats.
For more best practices that could save your business, check out: 10 Ways to Protect Your Business From Hackers.
Testing the Strengths and Weaknesses of Your Security
In order to ensure that your business is protected from ransomware and other cyber threats too—it’s important to test the strengths and weaknesses of your security.
There are a number of ways to do this, but some of the most common methods include:
• Penetration testing
• Vulnerability scanning
• Security audits
Each of these methods can help you to identify the strengths and weaknesses of your security so that you can make the necessary changes to protect your business.
Testing should be conducted on a regular basis, as cybersecurity threats are constantly evolving. Some recommend annually, but we prefer quarterly to stay on top of the latest threats and attack methods.
If you don’t have the internal resources to conduct these tests, you can always work with a cybersecurity firm that specializes in this type of testing.
Penetration testing, also known as pen testing, is a type of cybersecurity test that simulates a real-world attack on your system. Pen testing aims to identify vulnerabilities in your system so they can be fixed before an attacker finds and exploits them.
Pen tests can be conducted manually or automatically, but we recommend working with a cybersecurity firm that has experience conducting these types of tests.
At One Step Secure IT, we specialize in many types of cybersecurity testing, but we are big believers in how effective pen testing can be in protecting your business.
We have a team of experienced penetration testers that can help identify vulnerabilities in your system so you can fix them before an attacker finds and exploits them.
To learn more about our pen testing services, check out: Penetration Testing 101
Vulnerability scanning is a type of cybersecurity test that identifies vulnerabilities in your system. The process starts with an automated scan of your system, which looks for known vulnerabilities. Once the scan is complete, a report is generated that details the findings of the scan.
After you receive the report, you can then work to fix the vulnerabilities that were identified.
Vulnerability scanning is a valuable tool in protecting your business from cyber threats.
We recommend conducting vulnerability scans on a regular basis, as new vulnerabilities are constantly being discovered. We also recommend working with a cybersecurity firm that specializes in vulnerability scanning, as they will have the most up-to-date information on new vulnerabilities.
A security audit is a type of cybersecurity test that evaluates the effectiveness of your security controls and identifies any potential weaknesses in your system.
Security audits can help your company improve its cybersecurity posture by identifying areas of weakness that need to be addressed, like an improper configuration of security controls, lack of security awareness training for employees, or outdated cybersecurity policies.
We recommend working together with a cybersecurity firm that specializes in security audits. They will have the knowledge and experience necessary to properly evaluate your security controls and identify any potential weak spots.
For more ways to test your cybersecurity posture, check out: 4 Ways to Know if Your Cybersecurity Strategy is Actually Working.
Budgeting for Cybersecurity Like a Pro
I know what you're thinking now. "How much is all of this gonna cost?" And that's a valid question.
Cybersecurity is not cheap. But as you've learned on this page, the costs of a cyber attack are even higher.
As a reminder, the average cost of a cyber attack is up to $4.24 million, while the average cost of a ransomware attack has soared past $1.85 million.
And to put things in perspective for you, 83% of companies are not financially prepared to deal with a cyber attack, according to a study by Zurich Insurance Group.
So, what can you do to make sure you have the proper budget to protect your business from ransomware and other cyber threats?
Cybersecurity Budgeting Tips
1. Make cybersecurity a priority
The first step is to make cybersecurity a priority for your business. This means budgeting for it and allocating the necessary resources to ensure your cybersecurity posture is up to par.
2. Work with a cybersecurity firm
Working with a cybersecurity firm can help you save money in the long run. They can help you assess your risks, identify vulnerabilities, and implement security controls that will protect your business.
3. Get Cyber Liability Insurance
Cyber Liability Insurance can help offset the costs of a cyber attack. This type of insurance can help pay for damages, legal expenses, and reimbursement for lost data or business interruption.
4. Create a cybersecurity incident response plan
A cybersecurity incident response plan is a document that outlines how your company will respond to a cyber attack. This plan should include steps for identifying, containing, and recovering from a cyber attack.
5. Train your employees
Employee training is one of the most important things you can do to protect your business from cyber attacks. Your employees should be trained on cybersecurity best practices, such as how to spot a phishing email, how to create strong passwords, and how to report suspicious activity.
6. Stay up-to-date on cybersecurity news
Staying up to date on cybersecurity news can help you stay ahead of the curve and be prepared for new cyber threats. You can sign up for our weekly cybersecurity tips or monthly F.I.R.E. cybersecurity newsletter to receive the latest cybersecurity news and strategies delivered directly to your inbox.
7. Review your cybersecurity posture regularly
You should review your cybersecurity posture on a regular basis to ensure you are doing everything possible to protect your business. This includes conducting security audits, testing your security controls, and updating your cybersecurity policies and procedures.
And finally, include cybersecurity in your overall business budget. Cybersecurity should not be treated as an afterthought. It should be given the same importance as other areas of your business, such as marketing or product development.
By following these tips, you can help ensure you have the budget you need to protect your business from the spike in cyber attacks.
For more information on cybersecurity budgets, check out: The Real Deal to Budgeting for Cybersecurity
Want to read later? Download How to Protect Your Business from Ransomware and Other Cyber Threats
Building Your Security Team
Now that you know how important cybersecurity is for your business, it's time to start building your security team.
But where do you start? And what does a cybersecurity team even look like?
Here's a quick overview of what you need to consider when building your own in-house cybersecurity team:
Building Your Own In-House Cybersecurity Team
1. Define the roles and responsibilities
The first step is to define the roles and responsibilities of your cybersecurity team. This includes defining who will be responsible for what tasks and what each team member's job function will be.
2. Identify the skills and experience needed
Next, you need to identify the skills and experience needed for each role on your cybersecurity team. This includes both technical and non-technical skills.
3. Create job descriptions
Once you have defined the roles and responsibilities of your cybersecurity team, you need to create job descriptions for each position. This will help you attract the right candidates when you start recruiting for your team.
4 Start recruiting
Now that you have defined the roles and responsibilities of your cybersecurity team and created job descriptions, it's time to start recruiting. You can use online job boards, recruiters, or even social media to find candidates for your team.
5. Train your team
Once you have built your cybersecurity team, you need to train them on the latest cybersecurity threats and best practices. This will help ensure they are prepared to protect your business from attacks.
6. Conduct security audits
As part of your cybersecurity program, you should conduct regular security audits. This will help you assess your team's performance and identify any areas where they need improvement.
7. Update your cybersecurity policies and procedures
Finally, you need to update your cybersecurity policies and procedures on a regular basis. This will help ensure your team is following the latest best practices and is prepared to respond to new threats.
If an in-house security team is not possible, consider working with a managed service provider (MSP) that specializes in cybersecurity or managed security service provider (MSSP). MSPs and MSSPs can provide the same level of protection as an in-house team but at a fraction of the cost.
Outsourcing IT and cybersecurity functions can help you save money and resources while protecting your business from attacks.
This tends to be the direction that most small and midsize businesses go.
Have an IT staff but require additional support? Read why Co-Managed IT may be an option for your business: A Beginner's Guide to Co-Managed IT.
Understanding Compliance So You Avoid Penalties
If you are handling sensitive information, then you need to be aware of compliance requirements such as PCI DSS, HIPAA, CMMC, SOX, and GDPR. Failure to comply with these regulations can result in hefty fines.
Compliance requirements are put in place by the government or other regulating bodies to ensure that businesses are handling sensitive information properly. These requirements exist to protect consumers and their data.
PCI DSS is a set of security standards that businesses must follow if they accept credit card payments.
The HIPAA Privacy Rule sets standards for how patient health information must be protected.
CMMC (Cybersecurity Maturity Model Certification) is a set of cyber protection standards required by the Department of Defense for any contractors and subcontractors in the defense industry working with the government.
SOX is a set of financial regulations that businesses must follow if they are publicly traded.
GDPR is a set of data privacy regulations that businesses must follow if they collect or process the personal data of EU citizens.
In addition to industry-specific compliance requirements, there are also state requirements that businesses need to be aware of.
For example, California has its own data privacy law, the California Consumer Privacy Act (CCPA), which businesses must comply with if they collect or process the personal data of California residents.
And New York has its own cybersecurity regulation, the NYDFS Cybersecurity Regulation, which businesses must comply with if they are financial institutions.
That's why it's important to understand your business's compliance requirements and ensure you comply with all applicable regulations.
You can get help from a cybersecurity expert or consultant to ensure you are meeting all the compliance requirements for your business.
At One Step Secure IT, we recommend that all of our clients follow the NIST Cybersecurity Framework (NIST CSF). This is a set of best practices for cybersecurity that businesses can use to improve their cybersecurity posture.
The NIST CSF is not a compliance requirement, but it is a good way to benchmark your cybersecurity program and make sure you are taking all the necessary steps to protect your business and meet compliance requirements.
In conclusion, compliance is a critical part of cybersecurity, and following requirements will put you in a better position to protect your business from ransomware and other cyber threats.
Cyber Liability Insurance for the Win
Cyber liability insurance is designed to protect businesses from the financial damages that can result from a cyber attack. This type of insurance can cover the cost of data breaches, cybercrime, cyber extortion, and more. It can also cover the cost of business interruption, cybersecurity consulting, and legal expenses.
Most small businesses don't have cyber liability insurance, but it is something to consider if you want to protect your business from the financial damages that can result from a cyber attack.
However, cyber liability insurance is not as simple as just purchasing a policy.
With the massive increase in ransomware attacks and cybersecurity incidents, insurance carriers are becoming more selective about the businesses they insure.
They are looking for businesses that have strong cybersecurity protocols in place and are compliant with all applicable cybersecurity regulations.
So, if you want to purchase cyber liability insurance, you must first assess your business's cybersecurity risks and improve security measures even to be able to qualify for this type of insurance.
You also need to make sure you are purchasing the right type and amount of coverage for your business.
When your business gains coverage, failure to maintain the requirements of your policy could result in your claim being denied.
So, it's important to work with a cybersecurity expert to ensure you are taking all the necessary steps to not only qualify for cyber liability insurance but also to protect your business from future cyber attacks and live up to the compliance requirements in your policy.
Cyber Liability Insurance Key Takeaways
- Cyber liability insurance is insurance that businesses can purchase to protect themselves from the financial damages that can result from a cyber attack.
- Most small businesses don't have cyber liability insurance, but it is something to consider if you want to protect your business from the financial damages that can result from a cyber attack.
- To purchase cyber liability insurance, businesses must first assess their cybersecurity risks and improve security measures to even qualify for this type of insurance.
- Work with a cybersecurity expert to ensure you are taking all the necessary steps to protect your business from future cyber attacks and live up to the compliance requirements in your policy.
At One Step Secure IT, we can help you assess your cybersecurity risks and improve your cybersecurity posture, so you can qualify for cyber liability insurance and maintain your coverage. Contact us today to learn more.
For more information on Cyber Liability Insurance, check out our CLI Series:
What to Do When There's a Breach
No matter how strong your cybersecurity program is, there is always a chance that your business could be the victim of ransomware or a cyber attack.
If you do suffer a breach, it is important to have an Incident Response Plan in place so you know what to do and can minimize the damages.
What is an Incident Response Plan? Read 4 Reasons Every Business Owner Needs a Cybersecurity Incident Response Plan
The first thing you need to do is contain the breach. This means identifying what systems were impacted and taking those systems offline to prevent further damage.
You also need to identify the source of the attack and what type of data was accessed or encrypted.
Once you have contained the breach, you need to assess the damages and determine what needs to be done to restore systems and data.
This may mean working with a cybersecurity firm to help you decrypt data or rebuild systems.
It is also important to notify law enforcement, your cyber insurance carrier, and any customers or clients whose data may have been impacted by the breach.
Finally, you need to review your cybersecurity program to identify any weaknesses that may have allowed the attack to happen and make changes to improve your cybersecurity posture.
It is also important to communicate with your team about the breach and what changes are being made to prevent future attacks.
How to Protect Your Business from Ransomware and Other Cyber Threats
Ransomware is a serious cyber threat that can have devastating consequences for businesses of all sizes. But most significantly, small and midsize businesses lacking the cybersecurity resources of larger enterprises.
While there is no guaranteed way to prevent a ransomware attack, there are steps you can take to reduce your risks.
Steps to Take to Reduce Your Risks
You need to have a strong cybersecurity program in place that includes cybersecurity best practices, regular security testing, and employees trained in cybersecurity.
You also need to budget for cybersecurity and consider purchasing Cyber Liability Insurance to protect your business from the financial damages that can result from a ransomware attack.
If you do suffer a ransomware attack, it is important to have a plan in place so you know what to do and can minimize the damages.
Work with a cybersecurity expert to ensure you are taking all the necessary steps to protect your business from ransomware and other cyber threats.
Thanks for stopping by our page on How to Protect Your Business From Ransomware and Other Cyber Threats. We hope you found it helpful. If you have any questions, please don't hesitate to reach out to us.
Stay safe out there!