By Brad Atkin, CPA, CISA, CITP  Shareholder

Q.  As a closely held middle-market company, I have not heard many stories about similar-sized companies being subject to cybercrimes? Do I really need to be worried about it?

Yes, you absolutely do! According to the recent State of Cybersecurity in Small and Medium-Sized Businesses (SMBs) Report, more than 61 percent have been breached in the last 12 months. Over a quarter of them had to deal with losses greater than $500k as a result. Negligent employees, weak passwords, phishing scams and ransomware, among others, aided the cybercriminals. With the ability of one single incident to take down your company, it is critical to make cybersecurity a top priority. Especially as the methods of attacks become more innovative.

Q.  How do I reduce my business’s risk of becoming a victim of cybercrimes?

Know your risks or use an advisor to assist you in identifying and mitigating them. Recently, there has been a significant jump in risks across SMBs due to the amount of mobile devices and ancillary devices, such as HVAC, smart TVs and refrigerators, being connected to your networks. Make sure these are protected from easy intrusion.

Ensure your company is using remote computer backups to be able to restore your information. Lack of a proper backup and recovery strategy has been a significant factor in 60 percent of SMBs going out of business as a result of cyberattacks. Have your system scanned to determine exposures easy to obtain by inexperienced hackers.

Find a provider to perform both an internal and external vulnerability assessment to give your IT team a road map of critical areas to patch. This helps identify all the neon signs saying “open for hacking.” The easiest way into your system is through a phishing email. Bring awareness through training or having a fake phishing campaign done.