Small Businesses are the #1 Target for Cybercrimes: Here’s What You Can Do

Small Businesses are the #1 Target for Cybercrimes: Here’s What You Can Do

It’s a common thought that the smaller the business, the less chance or likelihood that cybercrime will occur.

That thought process doesn’t just sprout from someone’s imagination, it’s born out of a very honest question that most small businesses consider—"we’re just a small business, so why would cybercriminals care about or bother with us in the first place?

Unfortunately, small businesses are considered the #1 target for cybercrimes and attacks.

The reality of the situation is that that mindset is dangerous to believe because it leaves businesses—especially small ones—at enormous risk. According to, attacks on small businesses now account for over 70% of all data breaches—and that number, unfortunately, is on the rise.

Almost half of all small businesses have experienced cybersecurity compromises. Ransomware attacks have risen a terrifying 250% since 2016. Media Planet has even reported that increased incidents of phishing have become a sever issue, too. Cyberattacks aren’t just inconveniences—they can cause irreparable damage to your business, put your clients and their personal information at risk, drain your resources, and destroy your company’s reputation, too.

So, knowing these risks and understanding the severity of cyberattacks, you’re probably asking yourself “where does this leave small-to-mid-sized businesses like me?”

Are you truly at risk of being the victim of a serious, dangerous cyberattack?

Cybercrime—It Can Happen to Anyone (And Often, It Does)

The fact of the matter is cybercriminals often directly seek out small businesses specifically because this is a common thought. They know that small businesses are unprotected, which makes them easy targets.

This doesn’t apply to every small business out there, but generally, smaller businesses are a bit more relaxed when it comes to security—especially cybersecurity.

Typically, small businesses have weaker firewalls (if they even have firewalls in place at all), dated passwords that are never changed, weakly established passwords, or failing to use simple security measures like two-factor authentication. In many cases, the smaller the business, the smaller the staff, and oftentimes, that means there’s no one directly dedicated to cybersecurity and defending against these attacks.

Unfortunately, many small businesses don’t understand the risks of leaving themselves unguarded, so cybersecurity is not a priority. It’s especially secondary for owners who are stuck having to deal with the day-to-day operations of their business.

Time and again, though, this proves to be dangerous, risky, and often, disastrous. The longer it’s ignored and the fewer businesses focus on protecting themselves, the more this risk compounds overtime.

How to Protect Your Small Business: The First Few Steps Every Business Owner Should Take

So, as a small-to-mid-sized business, what can you do to ensure that you’re staying out of cybercriminals’ sightlines? How can you take manageable but crucial steps toward protecting your small business without dropping all of your other responsibilities?

Our best advice? Start small. Here are a few of the must-complete first steps you can take toward protecting your small business:

  • Hire a qualified company to perform a risk assessment for your company.
  • Take a good, hard look at your infrastructure and identify weaknesses—do you have a firewall in place? Have your passwords been updated in the last six months?
  • Encrypt your data on every device—servers, mobile devices, laptops, workstations, etc.
  • Clean machines often with threat management software (don’t forget your web browsers and operating systems).
  • Update your systems regularly and focus on running threat scans.
  • Don’t forget your company’s mobile phones—install security apps here, too.
  • Strengthen all passwords and create a schedule to change them regularly.
  • Limit employee access to information with their unique users’ accounts.
  • Add in 2FA or multi-factor authentication to all services (email included)
  • Back up data regularly with a local copy and a copy in the cloud (this should be considered minimum data backup—the more backups the better).
  • Make sure your backups are tested.
  • Consider the actual physical security of your hardware—are your thumb drives secure? Are your hard drives safe?
  • Train employees on cybersecurity regularly
  • Invest in cyber insurance

Top Tips to Remember About Cybercrime

Cybersecurity isn’t something we can condense down to one blog. It’s a broad conversation that covers all kinds of topics. That being said, there are a few pieces of fundamental knowledge that every small business owner should know that could immediately help you mitigate cyber risks.

For starters, most cyberattacks happen because of employee error—rarely do cyberattacks happen to small businesses who are following all kinds of advice. How can you avoid this? Train your employees properly. When you take a proactive approach to training yourself and your employees on how to handle cybersecurity, you can easily mitigate risk.

Another tip? Teach your employees that passwords are serious business—you’d be surprised how easily you could walk through an office building and find passwords written out and left in plain view, taped to monitors or a post-it note under a keyboard. Once you start clearly communicating the importance of cybercrime to your staff, you can make an enormous difference!

Finally, do everything in your power to stop thinking “it can’t happen to me.

The unfortunate truth is that it can happen to you, no matter how small or large your business might be. Being proactive, smart, and informed can deflate those odds and keep you, and your company, safe.

Balls in Your Court!

Confidence and Ego aside, you run a great business/organization but you’re a businessperson not a Cybersecurity expert. Don’t risk what you’ve invested (time, money and sleepless nights) by reading this and just letting it go as another LinkedIn article read. TAKE ACTION!

Because we give back to the community, we are giving away 2 businesses/organizations FREE Cybersecurity Assessments each day until we have to pull this offer.

To get your Assessment visit:

Why should you listen to me?


I’m a 2-Time Best Selling Author on the topic of Technology. My company (Your Business Solutions) is celebrating our 16th year in business this year. We’ve been recognized by INC Magazine TOP 5000 list and The Houston Business Journal in their Fast 100 list just to name a few things.

To get your Assessment visit:

Don’t be this guy!