REDC speaks to IT consultant Greg Phillips about the importance of cybersecurity for small businesses.
As small businesses increasingly rely on technology and online platforms to conduct their commerce, this dependence has also made them vulnerable to cyber threats. REDC spoke to "Head Geek" and owner of MYTechCoach Greg Phillips about the importance of cybersecurity for us all and how small businesses can protect themselves from the almost inevitable breach.
When speaking of IT threats, small businesses, in particular, are at a higher risk for cyber attacks. They may be less equipped to have the financial resources to invest in top-notch security measures, and the consequences of a security breach can be severe, including economic losses and damage to the business's reputation. "It's not a matter of if these breaches will happen; it's when," says Phillips. Preemptively countering these inevitable threats could save you and your business unnecessary stress and financial loss.
Rolling into the next few years, as AI becomes more intuitive, Phillips predicts the necessary strengthening around cybersecurity measures regarding everything, most notably in the authentication department. "More is going to be demanded of us this year," says Phillips. "In many instances, multi-factor authentication may not be enough anymore. The banks and the institutions will demand more because AI will knock those walls down."
What can we do to help secure our accounts?
Every account should have multi-factor authentication (MFA) and a hardened password. If you can't do those two things, do not set up the account.
Authenticate your email.
"We're all in this together, so managing ourselves and slowing down (when making assessments) is critical.”
When you read emails, be vigilant if something seems off. You can find tools to scan email headers or go to an IT professional and get advice: Is this real, or is this a scam? Which is why Phillips suggests getting an IT Audit. "A lot of us will draw up a proposal, and to do this, generally, an audit is done; it's something I give to prospective clients because, at least, even if they don't work with me, they are more aware of potential threats than before. I think a lot of us work like that."
Social Engineering
Social engineering will also become a big area where we can see a lot of vulnerability. "For example, I'm very careful if I get a request on LinkedIn. Who is this person? Why are they reaching out to me, and where are they from?" asks Phillips. Finding some link in the chain may allow that friend or follow request to meet muster; otherwise, be wary and don't engage.
"Use caution. AI has already created profiles, and is being used to deploy those, and trick people into befriending them so that that app can access personal information."
Dormant social media accounts are as, if not more, at risk of being hacked. Phillips warns against allowing an unmonitored account of any type. Do a periodic review so that you don't get severely compromised.
Take away
Cybersecurity and the avenues that we use to pursue it will morph over time, becoming more multifaceted and far-reaching. Getting better acquainted with the programs your business and staff use will only increase your likelihood of thwarting an attack in its earliest stages.
Yes, technological literacy for some of us can seem like a daunting task, but ignoring the looming threats will prove even more disruptive. And, as Phillips urges, "Get yourself an IT audit with a professional."
