The current state of cybersecurity for small business

"Cybercrime is the greatest threat to every company in the world."

Since former IBM Chairman, President and CEO Ginny Rometty said this in 2015, global cybercrime costs that were once $3 trillion per year are expected to reach $10.4T annually by 2025 - a 15% growth rate every year.

Whether it's malware, phishing, ransomware or stolen hardware, cyberattacks happen and unfortunately are something all businesses must be prepared to defend against, especially small businesses.

In a recent study, Iron Mountain found that more than 90% of small business owners have someone responsible for their cybersecurity. This included 32% managing it themselves, 21% having a dedicated cybersecurity employee and 25% relying on an external IT company.

Additionally, 91% of respondents are confident in these current processes. However, 25% of the respondents still underwent a cyberattack.

Through our survey findings, we were able to identify two ways small businesses can improve their cybersecurity processes and help to lower their chances of facing a cyberattack.

Look out for your employee, tax and customer information

Of the small businesses that faced an attack, our survey found 40% were targeted for employee records, 35% for tax records, 30% for customer records and 28% for personal identifiable information (PII).

To better protect this commonly targeted information, conduct a data audit to determine what information you have, pinpoint the most valuable assets and know where these records live.

Specifically, once you know where the records live, find out if they are located in a secure service, cloud storage area or saved on your computer's hard drive. If saved locally, consider transferring them to a cloud service, as most have security protocols already set in place.

The next step is to ensure your key data, based on where it lives, is updated with the latest and proper security measures. For example, ensure you have a secure firewall in place to monitor unauthorized network traffic as well as updated antivirus software to protect from malware.

Another important element in a data audit is to determine who has access to your records and implement a dual authentication system. This provides an added level of secure access beyond passwords, allowing only those with approved authority to view sensitive information.

All these elements will allow you to have a more protected system to regularly monitor your data and be better equipped to spot threats and quickly defend against attacks.

Download the full whitepaper to learn more