Small Business Pam Watson Korbel

Small Business Pam Watson Korbel
Picture of Pam Watson KorbelPam Watson Korbel is an expert on small business and revenue growth. She personally managed exponential growth in two companies: a software firm that grew by 500% in four years and a health care firm that grew by 1800% in eight years. In addition, she has been advising fast growth companies as a coach and consultant since 1996.

Hacking Is Not Just For Big Companies

Hacking Is Not Just For Big Companies

Computer hacking is not just for big companies anymore. In fact, experts estimate that between 44 and 66 percent of small businesses have experienced a cyber attack in the past three years.

Estimates show that the average cyber attack costs a small business $200,000 in the first year and that two-thirds are forced out of business within a year because of this high cost. Small companies have a larger risk because they typically have weaker online security. Among this market, 20 percent do not scan emails to protect against threats and 60 percent do not use encryption systems for web traffic moving in and out of company sites.

In addition, all businesses face a larger cost for cyber attacks because laws to protect against security threats for commercial bank accounts are not as beneficial to them as they are to consumers holding personal accounts.

So it just makes sense for entrepreneurial companies to put a security policy in place and activate several smart practices to reduce and eliminate cyber attacks.

Technology and Accounting advisors suggest that a good security policy covers four areas:

  • How to prevent low tech attacks like dumpster diving and employer threat;
  • How to prevent high tech attacks like phishing and hacking;
  • Procedures checklist for preventing an attack like practices for handling personal information and regular training of employees;
  • Protocol for notifications about cyber attacks including officers, employees, customers, vendors and all other stakeholders.

Practices to put in place to reduce or eliminate cyber attacks include:

  • Firewalls – Install firewalls on your computer network to control incoming and outgoing traffic on your computer network and monitor threats. These may be hardware or software-based.
  • Encryption – This function adds a layer of protection by converting data into another form that is not easy for others to understand. Multi-factor authentication is one form of encryption where two forms of authentication are required to enter a domain.
  • Passwords – Changing passwords often actually works. Experts recommend that passwords be 8 to 12 characters in length. (Stay away from the most used passwords: password and 123456.)
  • Fraud Protection – Take advantage of any fraud protection tools that are offered to you. For example, if a vendor experiences fraud and offers you a tool as compensation, take it. You can also independently invest in these tools without experiencing fraud.
  • Training – Once you set up policies and procedures for fraud and cyber attacks, train employees often. Each new employee should go through a program, and refreshers should be provided two to three times per year.
  • Experts – Hire computer security experts to help you devise your policies and procedures and regularly audit your systems and documentation.
  • Insurance – Most businesses qualify for insurance to cover losses from cyber attacks and most companies benefit from these policies at some point.
  • Software – Install anti-virus and anti-malware software on your systems to detect and prevent attacks on your computer network.
  • Email – Use email hosts that provide a layer of security of their own in addition to the security on your computer network.
  • Credit Cards – Use a third party to process credit cards for your company so that you don’t need to store consumer information at your site.

Even though cyber attacks seem like a relatively new phenomenon, regulators expect small business owners to take responsibility for protecting their companies. While no one person can understand and know all the relevant information, like in other business functions, advisors are readily available to assist with security for any business.


Read other small business articles