Can a smaller retailer compete against the big players online? Here’s how to maximise your visibility — however large or small you are.
Once we can get past the fact that everything is in a constant flux of change, we can begin our journey to tomorrow.
It’s an astounding — and perhaps disheartening — statistic: 60 percent of small companies are unable to sustain their business within six months of a cybercrime attack, according to the U.S. National Cyber Security Alliance.
To help avoid joining their ranks, John Hey and other information technology experts advise small business managers to foster a culture of cybersecurity that permeates their entire operation, not just the IT department.
“I hate to promote apprehension or cynicism, but you have to be almost by default extremely suspicious or skeptical,” said Hey, chief operating officer of Grandville-based Trivalent Group, one of Michigan’s largest IT solutions providers. “Basically, awareness and suspicion really are the best policy.”
“Today,” said Zara Smith, strategic programs manager at the Michigan Small Business Development Center (SBDC), “protecting against online threats such as phishing (tricking consumers or businesses into disclosing financial information while posing as a legitimate company) or ransomware (encrypting a company’s files, making them unusable, and demanding a ransom to unlock the data) is everybody’s job.”
“This is the new world we live in,” she said. “Years ago we had to teach everyone to lock the door. Now we’re teaching that cybersecurity is something everyone needs to be aware of. Not everybody has to be an expert, but if we are truly to protect ourselves, we must all take responsibility.”
Indeed, the issue of staying safe and secure online is so mainstream that the National Cyber Security Alliance has designated October as National Cyber Security Awareness Month, a campaign that aims to reach consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation.
For small businesses, making cybersecurity part of every employee’s routine is especially important because they are unlikely to have distinct IT departments staffed with workers whose sole mission is to keep the company’s technology systems operating smoothly. Often, Hey said, small companies might have one person who’s in charge of technology but also has responsibility for other, unrelated duties.
Small businesses also can’t hope to simply fly under hackers’ radar, Smith said. Their sheer numbers make them a favorite target of cybercriminals. Plus, big businesses, which have the financial resources to upgrade their security, are tougher for hackers to crack. So rather than seek a single big score, increasingly hackers are opting for volume and setting their sights on multiple, more vulnerable smaller companies.
Former FBI Director Robert Mueller, somewhat famously within cybersecurity circles, summed up the threat this way: “There are only two types of companies: those that have been hacked, and those that will be.”
While that might seem to paint a hopeless scenario, the answer is to put up a vigorous defense that might prompt hackers to seek other, easier prey, Smith said.
“It’s all about risk mediation,” she said. “Don’t be the lowest-hanging fruit.”
To be sure, measures such as installing anti-virus and email scrubbing software and keeping it up to date remain fundamental, first lines of defense against falling victim to cybercrime. But a truly robust security system is based on vigilance among all employees, Hey said.
“An uncareful user can undermine all of your security measures,” he said.
For example, all employees should know to follow safe and proper protocol regarding opening attachments and links in emails, potential avenues for hackers to introduce malware or viruses into a computer network, Hey said.
Such emails are becoming more sophisticated, having evolved beyond the iconic Nigerian-based scams. Today’s emails are better written (foreign fraudsters hire translation services when composing them) and often are sent in the names of companies or people known to the recipients, Hey said.
“If there’s any shred of doubt, just delete the entire email,” he said. “If it’s a legitimate email, the other person will resend it.”
Care in sharing or protecting information such as passwords is also part of a culture of cybersecurity, Hey said. Whenever he speaks on the topic, there’s always someone in the audience who keeps an important password written on a sticky note, an extremely low-tech and dangerous storage method. In contrast, Hey stores all his passwords in a smartphone app that requires a 16-character password to open.
“I say a bad word every time I have to enter it, but it’s ultimately worth the effort,” Hey said. “Security is not convenient.”
Hey advises against sending password information in email files, saying that texting is safer. Also, having systems set up so that passwords periodically expire adds another level of safety.
Common-sense measures related to physical security, such as logging off your computer or not leaving a cell phone sitting on a table when you go to the restroom, are also keys to staying digitally safe, Hey said.
Beyond trying to access financial information such as credit card or bank account numbers, hackers who target small businesses also aim to profit by disrupting companies’ operations. Ransomware allows them to hold data hostage until a business pays to have its systems unlocked.
The cybercriminals typically don’t ask for exorbitant sums — $300 on average, Hey said — to make the ransom less traceable. They also operate with a certain level of honor, rarely reneging on their promise to unlock systems once payment is made, so as to help ensure victims recognize the benefit of paying and money keeps flowing.
But the real cost to a business comes from the disruption to its operations — as well as the blow to its reputation, Smith said. “There’s the perception that if you get hacked, you’ve done something wrong,” she said.
Hey has seen ransomwear’s devastating effects up close. He worked with a 25-employee West Michigan business that had security software and other protections in place but became infected after an employee opened an email attachment. The company had its data backed up, but it took several days to restore.
“They wound up with three or four days of lost productivity,” Hey said. “They had a six-figure impact because an email was opened. They had taken reasonable security measures but didn’t have best user practices.”
To help companies assess their vulnerability to similar crimes, the SBDC launched its “Small Business, Big Threat” initiative. The foundation of the initiative is a website, www.smallbusinessbigthreat.com, that allows individuals to take a free assessment and receive a report.
From there, participants can choose from a variety of resources to engage with, including in-depth trainings, webinars, best practices, or industry articles on small business cybersecurity.
It’s an astounding statistic: 60 percent of small companies are unable to sustain their business within six months of a cybercrime attack, according to the U.S. National Cyber Security Alliance. John Hey and other information technology experts advise small business managers to foster a culture of cybersecurity.
You can make meetings much more valuable and effective — and have high-performance and mindful meetings. Use these steps to bring more creativity and emotional intelligence to the table.
In today’s environment of high-velocity change, a business’s technology, product innovation or unique distribution are only fleeting advantages. In fact, the only sustainable competitive advantage is an organization’s talent and how reliably they perform. Andrew Carnegie came to America from his native Scotland when he was a small boy, did a variety of odd jobs, […]
Over the years, I’ve traveled for business a lot — sometimes alone, but often with colleagues. One time, I found myself traveling with a colleague I didn’t know very well. We were both rushed to get work done before the flight, so we gave ourselves very little time to get to the airport. Everything had […]
When doing business with your bank in the traditional sense, most probably think of working with an organization to keep deposits secure, provide money transaction capabilities and make loans. After all, this is the traditional focus of how financial institutions, especially community banks, operate. What you may not know is just how much more your bank […]
There are moments when a company and its management know something special has happened, and for a growing number of companies that monumental event is gaining national recognition through inclusion on the Inc. Magazine 500.
If communication isn’t a priority in your organization, then your company simply isn’t living up to its true potential. A first-class HR department makes it their mission to facilitate communication upward, downward and horizontally. Expectations and objectives need to be delivered and understood, frustrations need to be dealt with and concerns have to be heard. […]
One of our cats recently needed a course of antibiotics. Now, this particular cat is quite large, but also very sweet and has a purr that would put a motorboat to shame. Giving her pills is really a very simple task: pop the pill in her mouth, give her a treat, and we’re done. She […]
As a small-business owner, trying to maintain a work-life balance can be like walking on a tightrope. At any given moment you have to lean one way or the other to maintain your overall balance. It’s often tempting to work around the clock to make your company the very best it can be. After all, […]
Budget cuts and hiring freezes. Regulatory headaches, stalled initiatives, or the loss of a well-loved leader. Sound familiar? If so, rest assured, you are not alone. In over a decade’s work with top executives, I’ve yet to meet a leader who hasn’t been dealt any number of setbacks and challenges. Challenges that make leading difficult. […]
If you are like me as a child you grew up under the premise of “sticks and stones may break my bones, but names will never hurt me.” The expression noted that no matter what you said you’re not going to harm me with name-calling. However, there are other organizations products and services like yours, […]
Many organizations deal with employees that do not perform to standards. One of the most frustrating things for managers and supervisors is to have employees who continually repeat the infraction. However, when the issues continue managers and supervisors are left to discipline and more likely terminate the individual. One of the critical factors impacting work […]
Imagine being a young, hungry entrepreneur again. You’re looking around for help, hoping that someone else sees the potential in your idea like you do. That is one of the many reasons why Hatch Detroit, sponsored by Comerica Bank and Opportunity Detroit, is such an essential competition. The competition, which recently announced its Top 10 […]
Here’s the thing…good planning avoids conflict. But, good planning is much more than asset allocation. Advisors implore their clients to plan for the future. They often use disturbing techniques like horror stories of deplorable outcomes due to a lack of planning. Usually the disturbing track is about a loss of money either to the tax […]
The business world is moving at a rapid pace. We see the creation, the merger and the transition of numerous businesses due to overwhelming globalization, technology, and Internet conductivity. Every morning we open up such periodicals as the Wall Street Journal reading about new entrepreneurial ventures. These are very exciting times for the organizations that […]
When I was an undergrad working in the Virtual Reality Lab at Stanford, I never could have envisioned the path that would take me to founding LifeSite, a startup that helps families securely store and share important life information online. After graduation, I represented California in the Miss America pageant, running on a platform of […]
Whether you are a Fortune 500 executive, business owner, front line manager, or human resources professional, you know this much is true. You can’t run a thriving company without top notch employees. The fact is, success resides in the hard work, creativity and dedication of your workforce—those bright, enthusiastic, engaged employees who work every day […]
Every business owner or manager has a story to tell. For the winners of Corp! magazine’s Economic Bright Spots awards, the tales typically involve successfully overcoming challenges or seizing opportunities.
Corp! in print and online is a B-to-B publication that features success stories, best practices and strategies that CEOs, business owners, executives and managers will find useful and relevant. We pride ourselves on not making editorial decisions based on how much coverage a story has received in other media, or how it ties into the latest scandal in the business world. Corp! is dedicated to raising the profile of business in our communities and driving it forward.