USTelecom’s 2021 Cybersecurity Survey of Critical Infrastructure Small and Medium-Sized Businesses (SMBs) outlines 10 important ways small businesses can protect against cyber breaches.
- Conduct Cybersecurity Training: Regularly train and test staff on best practices and controls.
- Review Policies and Procedures: Annually revisit and update to identify roles, responsibilities, and organizational accountability.
- Update System Configurations: Follow vendor and expert recommendations, including structured protocols to patch vulnerabilities.
- Direct Annual Risk Assessments: Risk assessments put cyber risks in economic terms so mitigation techniques can be calibrated and reviewed by executive management.
- Perform Post-breach Assessments: Post-breach findings offer valuable insights and should be communicated to management and departments.
- Evaluate In-house Capabilities: Annually assess—and consider retaining outsourced, managed service providers—to augment existing cybersecurity staff as needed.
- Obtain Cyber Insurance: Annually review policies to ensure appropriate coverage and alignment with your risk tolerance.
- Identify Information Sharing Opportunities: Participate in formal and informal information sharing opportunities that support your specific needs.
- Establish Regular Briefings: Coordinate briefings for appropriate levels of management and implement a process to ensure feedback.
- Dedicate Budget: Commit at least 10-15% of IT budget to cybersecurity based on business needs and risk tolerance.
There is nothing “small” about protecting your business’ cyber security.