Top 3 Cybersecurity Threats for Small Businesses


In the digital age, every business should have a strategy to counter the threat of cyberattacks. Here are three of the most widespread cybersecurity threats for small businesses and some advice for contending with them.


1. Phishing

This is the most widespread cybersecurity threat facing business, accounting for about 90% of data breaches. Phishing attacks occur via email and social media sites. A cybercriminal sends an email or message in which they pretend to be a trusted contact and try to convince users to click on a malicious link, download malicious files or provide sensitive company information or data.


Phishing attacks can be difficult to combat, as they target individuals within a business rather than technological weaknesses. However, there are a variety of tools that can help decrease the incidence of phishing attempts. Secure Email Gateways (SEGs) are among the most effective. These are software programs that filter out phishing attacks as well as malware and spam. Cyber security training for employees also goes a long way. Employees who have access to sensitive information should know what a phishing attack is and how to spot one.


2. Malware

Malware is short for malicious software. Types of malware include viruses, worms, spyware, ransomware, Trojan horses and adware. Essentially, these are programs designed to damage a computer or gain unauthorized access to a network. For example, a Trojan horse is malware that is disguised as legitimate software. Once downloaded, Trojan horses can enable cybercriminals to steal sensitive data and spy on users.


Malware usually comes from downloading malicious files or software (usually via email), hacked webpages, infected USB devices and external hard drives. Your first line of defence against malware attacks is a quality antivirus program. In addition, you should instruct employees never to open suspicious email attachments and to stay away from suspicious websites.


3. Password attacks

Many cyberattacks involve criminal hacking into cloud services as a result of easily guessed passwords or users having the same passwords for multiple accounts. Companies often store sensitive data on the cloud, such as clients’ financial information.


Ensure that all accounts associated with your company have strong passwords and impress on employees the importance of not reusing passwords from other online accounts for work accounts. Some companies even go the extra step of having employees change their passwords regularly (for example, every 30 days).


Business insurance in Halifax, Nova Scotia

Don’t let a cyberattack cripple your business. Ask a broker at Eisenhauer insurance about adding cybersecurity coverage to your business insurance policy. Contact us today for a free insurance quote in Nova Scotia.