Partnerships

How to improve cyber security for your small business

Just because you run a small business, doesn’t mean you’re beyond a hacker’s notice. Small businesses often hold the same types of sensitive customer information as larger enterprises. That, combined with their perceived lack of cyber security knowledge and resources, makes them an attractive target to hackers.

According to a recent SBA survey, 88% of small business owners felt their business was vulnerable to a cyber attack. Yet many businesses can’t afford professional IT solutions, have limited time to devote to cyber security, or they don’t know where to begin.
 

The best way for small business owners to be adequately prepared is to educate themselves on common threats and the best strategies to defend themselves from a cyber attack.

Common cyber threats to small businesses

Social engineering fraud

Social engineering fraud involves manipulating people into divulging confidential information such as passwords, social security numbers, or credit card information. The most common form of social engineering fraud is phishing emails, which are designed to appear as though they have been sent from a legitimate organization or known individual and trick victims into paying out money or revealing sensitive data. A small business looking into new products and vendors — for example, to help systematize their day-to-day operations — may be susceptible to social engineering fraud. Be sure to check on the credibility of the organization before responding to emails or clicking on any email links.

 

Remote working options

Many small businesses offer working from home options and, while remote work can have some advantages, it can also expose businesses to a range of cyber security risks. With a distributed workforce, it’s important for staff to be even more careful about maintaining cyber hygiene.

 

Malware

Malware is any software intentionally designed to cause disruption and damage to a computer, network, or gain unauthorized access to private information — such as viruses and ransomware. While ransomware attacks are generally associated with larger companies, in fact 50 to 70 percent of ransomware attacks are aimed at small and medium-sized companies — and most small businesses fail within six months of an attack. 1

 

Best practices for improving small business cyber security

1. Educate your employees

As cyber criminals evolve and become savvier, it’s essential to regularly update your employees on new protocols. The more your employees know about cyber attacks and how to protect your data, the safer your business will be. Send out regular reminders not to open attachments or click on links in emails from people they don’t know or expect; outline procedures for encrypting personal or sensitive information; and train employees to double check if they get rush requests to issue unexpected payments—a common scam.
 

2. Implement safe password practices

Many data breaches occur due to weak, stolen, or lost passwords. In today’s world of working from your own devices, it’s crucial that all employee devices accessing the company network are password protected. Have employees change their passwords regularly by automatically prompting them to change their passwords every 60 to 90 days.
 

3. Make sure you’ve got the right partners and platforms

Your cyber security is only as good as the security of the platforms and partners your business depends on. Check the following:

 

  • Do you have a WAF (web application firewall) in place – to protect your site?

  • Is your ecommerce platform PCI-DSS (payment card industry data security standards) Level 1 compliant? That will protect you against digital data security breaches across your entire payment network, not just a single card.

  • Does your website hosting company have staff that are regularly patching security vulnerabilities – to reduce the likelihood of attacks?

  • Check to make sure each company computer has antivirus software installed. Even after training employees on how to identify a phishing email, they may be susceptible.

 

4. Secure your hardware

Data breaches can be caused by physical property being stolen too. If your servers, laptops, cell phones or other electronics are not secured and are easy to steal, you are taking a big risk. Security cameras and alarms will help, but physically locking down computers and servers will help even more. Whether your employees are working from home, a coworking space, or a traditional office, be sure they understand how to keep their company equipment protected.

 

5. Regularly back up all data

No matter how vigilant you are with your cyber security strategies, data breaches can still happen. The most important information to back up is:

 

  • Databases

  • Financial files

  • Human resources files

  • Accounts receivable/payable files

 

Be sure to also back up all data stored on an online drive and check your backup regularly to ensure that it is functioning correctly.

Your insurance company may also provide cyber consulting and risk management services, so check with your agent or broker when choosing your cyber insurance coverage. You can also hire an outside expert to evaluate risks!

Insights and expertise

We keep you informed – and your business protected – with these helpful articles.
Partnerships
Impact of digitalisation
By 2026, there will be 7.5 billion smartphone users globally. Today’s smartphones are literally supercomputers at our fingertips with approximately 100,000 times more computing power than Apollo 11, the spaceship that reached the moon.
Partnerships
Best Practices for International Travel During COVID-19
Over the past year, many of us have been “stuck” inside, using our homes as a workplace, classroom, gym, and more. Now that COVID-19 restrictions are easing up in certain countries, many people are feeling an urge to travel abroad. The following tips may help keep you a little safer while you travel.
Partnerships
8 Ways to Safely Travel Abroad
American citizens face all kinds of risks and challenges in foreign countries, due to the differences in language, culture, politics, and economics. To help you travel safely and confidently, we’ve compiled a quick list of things to think about as you plan your trip.
Partnerships
Financial Fraud, Delivery Issues Dampen Trust in Online Retail
Our report delves into the world of e-commerce, and reveals how integrating insurance options can be a game-changer for building trust.
Partnerships
4 Reasons to Get Travel Insurance
One thing we know for certain these days: Life can change quickly and not always in the way we would like. If you’re considering traveling for business or pleasure, travel insurance can help give you peace of mind in case not everything goes as expected.
Partnerships
Keys to Revenue Optimisation Strategies in Insurance Partnerships
Savvy business leaders consistently push to increase market share, profitability and value in any business cycle. In insurance, creating strategic partnerships with forward-thinking businesses to introduce revenue optimisation strategies are both mutually beneficial and fundamental for their growth.
Partnerships
4 Factors That Affect How Much You’ll Pay For Business Insurance
You’ve started a small business and want to make sure it is protected. But how much will it cost to buy insurance that will cover you for potential property damage, liability lawsuits, or other issues that come up along the way? That will depend on a number of factors:
Partnerships
Riding the Digital Financial Services Wave
For the ‘unbanked’ and ‘underbanked’ segments in Southeast Asia, they represent untapped opportunities where their need for protection can be rapidly addressed by digital financial services..
Partnerships
What is embedded insurance?
Embedded insurance is an innovative way for businesses to integrate relevant risk protection into their customers’ purchase journeys, allowing them to include or add on coverage when buying their products or services.
Partnerships
Protect Your Retail Business from Cyber Crime
Today’s digital technologies allow retail businesses to create in-store management efficiencies, and to connect online with customers around the globe. But those same technologies can make retailers vulnerable to cyber risks — risks that can fatally damage the overall health of your brand and business.

Have a question or need more information?

We’re here with an answer.

All content in this material is for general information purposes only. It does not constitute personal advice or a recommendation to any individual or business of any product or service. Please refer to the policy documentation issued for full terms and conditions of coverage.

Chubb European Group SE trading as Chubb, Chubb Bermuda International and Combined Insurance, is authorised by the Autorité de contrôle prudentiel et de résolution (ACPR) in France and is regulated by the Central Bank of Ireland for conduct of business rules.

Registered in Ireland No. 904967 at 5 George's Dock, Dublin 1.

Chubb European Group SE is an undertaking governed by the provisions of the French insurance code with registration number 450 327 374 RCS Nanterre and the following registered office: La Tour Carpe Diem, 31 Place des Corolles, Esplanade Nord, 92400 Courbevoie, France. Chubb European Group SE has fully paid share capital of €896,176,662.