When we think about cybersecurity, most of us think it is a larger problem for big entities such as banks, tech companies, and the government, but truth be told, smaller companies with less than 1000 employees are at the greatest risk with 43% of all cyber attacks being aimed at small businesses? October is Cyber Security Awareness Month, and this year’s theme is “Do Your Part. #BeCyberSmart.”

Here are some pretty shocking cybersecurity statistics:
• It takes half a year to detect a data breach
• 91% of all attacks are launched with a phishing email
• A business falls victim to a ransomware attack every 14 seconds
• 38% of malicious attachments are masked as a Microsoft Office file
• Companies face an average of 22 security breaches in 2020
• The global cost of online crime is expected to reach $6 trillion by 2021

In today’s world, with many companies being more open to remote work and with many employees working from their personal devices, such as checking emails from their phones, cyber threats are all too common nowadays. Being diligent with prescreen hiring, training your current employees on staying cyber safe and setting expectations for third party associates when it comes to cybersecurity are extremely important. Risks should always be accurately assessed and, when possible, minimized. Every person in your organization has a role in mitigating the risk of a cyberattack.

Here are some basic tips to keep your workplace safe when it comes to cybersecurity:
• Take inventory of all your company’s devices – all hardware and software – because you cannot defend what you don’t know you have.
• Lock up your devices – no matter where your office is located. All devices, including computers, laptops and cell phones, should be locked with a secure password.
• Use two-factor authentication if possible as it’s an extra layer beyond just a typical password. This should be a must for anyone accessing sensitive networks or data.
• For those working outside an office network, make sure your employees are never using wi-fi without a VPN (Virtualized Personal Network). Using public wi-fi networks without this extra security can expose your organization’s accounts and data to malicious cyber threats.
• Train employees on cybersecurity – and remind and empower your employees to question any suspicious looking emails, especially those with urgent subject lines and billing-related attachments. Always hover over a link before clicking to ensure you are being directed to the intended URL.