According to the 2022 Verizon Data Breach Investigations Report (DBIR), businesses with 10 or fewer employees are becoming more enticing to cybercriminals. The two most common cybersecurity attacks on very small businesses are ransomware and credential (username and password) theft. A cybersecurity attack or incident can cause severe damage to a company, often irreparably.
The 2022 DBIR includes recommendations for actions business owners can take to avoid becoming a target of a cybersecurity attack. They are worthy of the attention of all business owners, including owners of very small businesses:
- Use multifactor authentication.
- Do not reuse or share passwords.
- Use a password keeper/generator.
- Change the default credentials on all hardware and software.
- Install software updates promptly so that vulnerabilities can be patched.
- Work with vendors to ensure you are as secure as possible and that they are also following the same basic guidelines.
- Keep a consistent schedule with regard to backups and maintain offline backups (data not on a device connected to a computer).
- Ensure that the built-in firewall is switched on for devices such as laptops and desktops.
- Use antivirus software for all your devices.
- Do not click on anything in an unsolicited email or text message.
- Set up an out-of-band method for verifying unusual requests for data or payments.
- Ensure that a computer used for financial transactions is not used for other purposes such as social media or email.
- Use email services that incorporate phishing and pretexting defenses and use a web browser that warns you when a website may be spoofed.
The Verizon DBIR provides valuable and actionable information. It is relied upon by cybersecurity experts and business owners across the globe. Click here to watch our recent webinar on this topic.