Take action to reduce risk of cybercrime

Aikta Marcoulier

In 2021, cybercrimes against small businesses reached a record high value of $2.4 billion. Online sales exceeded $960 billion that year and are expected to surpass $1 trillion this year.

As we approach the holiday shopping season, small retailers need to evaluate their susceptibilities to cyberattacks and protect their systems from costly data breaches and online scams. Small retailers are especially attractive targets to cybercriminals because they typically lack the security infrastructure of larger businesses. A recent survey found 88 percent of small business owners felt their businesses were vulnerable to cyberattacks.

There are simple steps business owners can take to mitigate their risk of costly and destructive cybersecurity threats. Here are five easy and inexpensive actions business owners can take to reduce their risk of cybersecurity attacks:

Update software: Software suppliers constantly provide updates or patches to prevent the latest cyber threats. The cheapest and easiest way to prevent online attacks this holiday season is to update your computer systems on a regular basis.

Review online security protocols. It’s critical to ensure your website is secure by getting trustmarked with a Secure Sockets Layer (SSL) certificate. An SSL certificate is a digital certificate that authenticates a website’s identity and enables an encrypted connection. Verify that your e-commerce platform has multiple layers of security in place and you’re not storing credit card data.

Create passwords that can’t be hacked. The use of weak passwords constitutes one of the major reasons small retailers are so prone to cyberattacks. Always ensure your employees use unique passwords with at least 12 characters with a mix of numbers, letters, capital letters and punctuation. Use multi-factor authentication, which provides a layered approach to securing data and applications, where a system requires a user to present a combination of two or more credentials to verify identity for login.

Beware of social engineering threats. Hackers love to bait or trick employees into giving up sensitive personal or company information. Social engineering techniques include phishing scams, baiting, scareware and incentives. Hackers can review both your personal and company social media profiles then create emails, phone calls and text messages that appear to be coming from a customer, vendor or someone familiar to gain access to sensitive information.

Enforce strict rules on how your computer systems are used. It’s critical to provide effective training to employees who access your computer systems. 
Make sure employees only have access to data and tasks deemed necessary to their job functions and roles. You might hire multiple seasonal employees over the next few months. Controlling how they interact with your online systems constitutes a critical management function.

The holiday shopping season is a critical time for most small retailers — especially those with a robust online presence. Keeping your online systems safe will benefit not only your customers, but also your bottom line.