A recent survey shows that email is one of the biggest factors in data loss for organizations. A report written from scmagazine.com states that 3 out of 5 IT experts have had their own organizations fall victim to data loss and theft through emails. This finding reinforces a previous study stating 80% of organizations faced an email based ransomware attack in 2021. This year’s Verizon Data Breach Investigations Report also has found that successful data thefts via ransomware have increased by 13% from 2020 to 2021.

What this means

The increases in ransomware causing data loss and theft, along with the risk emails pose, small businesses need to step up and get prepared. Recognizing your small business is a target and that cyber criminals do not discriminate who they target is step one. What about steps two and steps three, and so on?

Step two

Now that your small business understands there is a real risk of data loss or theft from emails and ransomware, it is time to focus on what you can do to minimize these risks. And that is what cybersecurity is all about, minimizing risk.

The number one thing a small business can do is to train and educate their employees on these threats. Consider including cybersecurity conversations in your regular staff meetings, hang up examples of phishing emails in the breakroom, reward your employees when they identify and report a phishing email, and institute regular phishing training at least once a year.

  • Include cybersecurity in your regular staff meetings
  • Show examples of phishing emails
  • Reward your employees
  • Yearly cybersecurity training

Step three

Now that you have started a plan to educate and raise cyber awareness with your employees let’s talk about what else you can do. The human element is only one layer of cybersecurity, now you need the right tools.

There are several different tools to consider, from antivirus to email protection, to firewalls, to data loss prevention tools. A list of tools can be found here.

  • Use antivirus on all devices and on your network
  • Deploying an email protection service
  • Configuring firewalls to restrict internet traffic
  • Utilize data loss prevention tools

These are just some steps a small business can take in better protecting themselves from data loss and data theft. It is important to remember there is no one solution to solve all the issues, but many solutions to minimize your risk.

For more on cybersecurity risks and tips to minimize your risk check out Small Business, Big Threat!