UW and Wyoming SBDC Network Provide Tips During National Cybersecurity Awareness Month

The Wyoming Small Business Development Center (SBDC) Network recognizes National Cybersecurity Awareness Month during October by looking at how small businesses are impacted by cyber threats and offering tips on how small-business owners can increase their security online.

"The sad fact is that all small businesses face increasing threats from cyberattacks. Larger organizations often have expert information technology resources and sophisticated defenses, but small businesses tend to be more vulnerable because of limited resources and lack of basic cybersecurity measures," says Paul Johnson, manager of the Wyoming SBDC Network's Cybersecurity Program. "As a result, small businesses are prime targets for cybercriminals. Adopting a few simple measures today can make small businesses more secure and safe online. In many cases, those measures can be at very low or no cost."

The Wyoming SBDC Network offers business expertise to help Wyoming residents think about, launch, grow, reinvent or exit their business. The Wyoming SBDC Network is hosted by UW with state funds from the Wyoming Business Council and funded, in part, through a cooperative agreement with the U.S. Small Business Administration (SBA).

The Wyoming SBDC Network operates a Cybersecurity for Small Business Program that is funded by the U.S. SBA. The program offers personalized advising, webinars and other resources to help secure businesses from cyberattacks.

For more information, go to www.wyomingsbdc.org/cybersecurity-program.

Why Small Businesses Are Particularly Vulnerable

Many small companies operate with outdated software, weak passwords and insufficient data protection methods -- often due to a lack of financial resources. These are all open doors for hackers to get into their systems.

A report from the Cybersecurity and Infrastructure Security Agency notes that ransomware attacks hit a new target every 14 seconds. A ransomware attack is when a cybercriminal locks, or steals, data and will not allow companies access to it until they pay the cybercriminal a ransom. In the meantime, a business's operation could be completely shut down. Unfortunately, paying the ransom does not always work; the cybercriminal just steals the money and never gives access to the company's data.

"Small businesses often think, 'I'm too little to deal with. Who wants to get into my system?'" Johnson says. "That attitude leads to a false sense of security. Ignoring the potential attacks, combined with a lack of cybersecurity expertise, makes your small business an easy target."

According to the 2021 Verizon Data Breach Investigations Report, human error played a role in more than 85 percent of breaches, including ransomware, phishing and malware attacks. Fortunately, small-business owners can take measures to lessen the risk of being attacked.

Cybersecurity Measures Small Businesses Should Implement

Here are some steps small businesses can take to become more secure, Johnson says:

-- Use a password manager: Stealing login credentials is one of the easiest and most common ways for hackers to steal data. Small-business owners should use a reputable password manager and not leave written passwords near workstations or on bulletin boards. A password manager is a digital safe that will keep a business's passwords secure.

-- Use multifactor authentication (MFA): Multifactor authentication is an extra step beyond a secure password. MFA requires another form of authentication to access a business account or system, such as a six-digit numerical code sent to your phone.

-- Back up data regularly: Most cybersecurity organizations, such as the Cyber Readiness Institute, recommend using cloud services to automatically back up data. If a business is absolutely tied to using physical media backups, such as a large capacity hard drive, the business should back up its data every day and store the hard drive in a locked, fire-and-waterproof location.

-- Accept and search for software updates: Software updates never happen when businesses want them to, but accepting them is crucial to their online security. Updates don't just provide new features; they fix known vulnerabilities that hackers can use to get into systems. A Windows software update earlier this year fixed more than 140 vulnerabilities, which is plenty of open doors.

-- Contact the Wyoming SBDC Network: Visit the organization's website to learn about its no-cost cybersecurity resources. The Wyoming SBDC Network can help businesses devise comprehensive cyber readiness plans or train individuals in practices to immediately make their businesses safer.

For more information about how the Wyoming SBDC Network can help with any business needs, visit www.wyomingsbdc.org.

"The statistics show that small businesses are often the preferred targets of cyber criminals due to their lack of defenses and cyber readiness knowledge," Johnson says. "Spending a little time and training effort in cyber readiness is a long-term investment in the health of a business. One attack can seriously damage a business's financial stability and credibility or put a company out of business completely."

For more information about cybersecurity resources, email Johnson at [email protected].

Public link

Please use the above public link if you want to share this noodl on another website.