CISA Small Business Protections Against Cyber Attacks

June 7, 2024

America’s Cybersecurity & Infrastructure Security Agency (CISA) provided tips to protect Small Businesses against cyber-attacks. Small businesses are often targets because they don’t always have the resources to invest in cybersecurity. Below are the four simple cybersecurity steps provided by CISA:

1. Teach employees to recognize and avoid phishing. Emphasize the harm phishing emails can cause while educating employees on what to look for in a phishing email and encouraging everyone to think before clicking links or attachments. Doing so could provide unauthorized access to information or infect your network, which may result in the data being held for ransom.
2. Require strong passwords. This is one of the easiest ways to protect your business from criminals. Passwords should be random, unique, and at least 16 characters long. Avoid using the same password for multiple accounts, and consider enabling an enterprise-level password manager so that you only need to remember one password.
3. Require multifactor authentication (MFA). MFA requires more than a password to access your accounts, such as a texted code, a fingerprint, or an access card. This makes an account safer than one with just a password. There are more than 300 million smartphone users in the U.S., so it’s easy to implement MFA using a smartphone or tablet. 
4. Update any software used for business. Out-of-date software allows criminals to steal business, employee, and customer data. Programmers publish patches, but you must install them to get their protection. Enable automatic software updates on connected devices used for business to get the latest security patches. It is also very important to be aware of any outdated or unsupported software or hardware, so make sure to inventory and update them.

Your business is digitally connected – to employees, vendors, and customers, and your systems store their sensitive information, which could be at risk from online threats. Many small businesses find it hard to recover financially from a cyber-attack. Find more information on securing your business at www.cisa.gov.