What the experts say
Nothing could be further from the truth. The simple fact is that most hackers prefer going after soft target - online assets that are inadequately protected and less likely to hunt them down with the big budgets of major corporations. Most small companies have enough personal information about employees and customers to make attacking them worthwhile for some cybercriminals. And if these online crooks hit enough small businesses, they can also make off with sizable sums of cash.
Some security experts like to make the comparison with burglars who break into multiple homes on the same night hoping to make off with all sorts of jewels, electronics, artwork and cash. The big difference is that hackers might go after hundreds, thousands or even millions of targets with automated software.
Here are 5 trends to advise your 2019 plan:
1. Ransomware; a continuing problem
It wouldn’t be a security conversation if we didn’t lead off talking about ransomware.
In case you haven’t heard of it, this is malicious software (malware) that seizes control of your computers, locks you out and demands a financial ransom to turn control back over to you. As with any kidnapping, the criminal may return the goods - only to come back and steal them again at a later date.
In 2019, consider some simple steps to stay ahead of ransomware. These should include sponsoring security awareness training for employees (to keep them from opening emails they shouldn’t), keeping your antivirus and security patches up-to-date and using hardware with built-in security features.
2. Phishing gets more devious
Like ransomware, phishing tends to occur through email.
This is a type of attack where a cybercriminal sends you a communication that looks official - maybe it came from a company like Apple or Microsoft or perhaps it seems to come from a government agency. But in fact, it’s merely an attempt to get you to click on a link that will allow a piece of malware to infect your computers.
In the past, such scams have been pretty easy to spot. They often came from countries where English wasn’t the first language, so they typically included misspellings or weren’t composed particularly well. But in recent years, cybercriminals have become much more adept at crafting their communications. What’s more, they’re also going after specific targets - such as top company or financial executives - with personalized emails that are even more difficult to detect. This is a technique called “spear-phishing.”
As with ransomware, it’s important to train employees and keep security software current. In addition, be aware that phishing attacks can be launched when employees click on links to phony Web sites. To guard against these malicious attempts, consider hardware with built-in Web browsing security features. The HP Elite family, for instance, comes with a feature called HP SureClick
that can reduce the likelihood of clicking on dangerous links.
3. Small businesses embrace AI for security
Many small business owners probably still think of artificial intelligence (AI) as something powering their Alexa
or Google Home devices and the personalized ads we sometimes get on Amazon and other sites.
But AI, at its core, is really all about automation. It uses machine learning algorithms to arrive at educated guesses and recommendations that allow us to make quick and (hopefully) smart decisions.
, a cybersecurity company, recently noted AI can also be used to both launch and defend against cyberattacks. On the hacking side, it can be applied to target small business computers more broadly and in a very specific fashion. At the same time, Webroot notes “AI and machine learning will continue to be the best way to respond to the velocity and volume of malware attacks aimed at SMBs (small and midsized business) and MSP (managed service provider) partners.”
Of course, no security measure stays safe for long. A new McAfee report
, for instance, notes hackers are already coming up with ways to evade machine learning engines. But AI could still be a viable cybersecurity option for many small businesses in 2019.
4. More companies outsource security
Years ago, when you outsourced a project, you went to a human being. An outside contractor. A temporary service.
But these days, you’re more likely to turn to a cloud-based subscription service. In fact, the everything-as-a-service (XaaS) model is changing everything - including cybersecurity.
As fortifying small business computing networks becomes more complex, and the need to do so gets more pressing, more SMBs will likely turn to a device-as-a-service (DaaS)
model for help. This model is a complete solution combining hardware, insightful analytics, proactive management and services for every stage of the device lifecycle.
Customers always have the latest equipment with the most current, built-in security features. And security aspects are managed by experts in that field, enabling small business owners to concentrate on their real priorities - pleasing customers and generating revenue.
This consumption model is still in its infancy but is likely to become more common as businesses of all sizes decide they need professional assistance keeping cybercriminals at bay.
5. Cybersecurity insurance becomes a thing
In California, many homeowners insure their domiciles when taking on a mortgage, but few go the extra mile and pay for earthquake insurance - until a big one happens. Then it becomes “a thing.”
With threats constantly rising, it behooves every small business to consider cybersecurity insurance. There are plenty of options available. Conduct research to determine what’s right for your business.
Heading into 2019, small businesses face a sketchy and challenging cybersecurity threat landscape. But by staying mindful of key trends and having a strong security strategy in place, it’s possible to diminish the likelihood of an attack and minimize the damage to your company, should one occur.