Data Security Strategies for Small and Midsize Businesses

Data Security Strategies for Small and Midsize Businesses

Nowadays, you don’t have to be a large corporation to attract the wrath of hackers. Limousine companies, escrow firms, and even hay-compressing companies have become the target of cyber attacks in recent years. According to an article in PCWorld, 20 percent of small businesses are victims of cyber crime each year, and of those, some 60 percent go out of business within six months after an attack.

Fortunately, there are actions that companies of all sizes can take to help keep their information systems safe. In February, I wrote about what I call the “Three I’s” of computer virus protection: Install, Inform, and Insure. The first “I” is for installing antivirus software (AVS), and the last “I” is for insuring your company. Today, though, is just about the second “I”—which stands for informing staff.

To protect a business from cyber attacks,it's critical that employees understand the basics of cyber security and the dangers of opening suspicious emails, attachments, and links to unfamiliar websites. They should also know the importance of saving their work somewhere other than their computer, whetherit's a company-owned server or the cloud. This will help make any future data restoration much easier.

Last month, ISO announced a strategic collaboration with CyberScout™, the nation’s premier consultative provider of identity and data risk management, resolution, and education services. As part of the collaboration, CyberScout will be the ISO Businessowners Program vendor of choice for data breach avoidance and remediation services. (Earlier in July, ISO filed an optional cyber insurance endorsement for its Businessowners Program on a multistate basis with a March 2015 implementation date.)

The collaboration will also help ISO better understand the cost of data breaches and provide a more complete picture of cyber risk. In addition, ISO Businessowners customers will receive discounts on a comprehensive suite of services from CyberScout.

To learn about ISO’s various cyber offerings, visit the ISO Cyber Risk Solutions website,, or email me at You can also follow me on Twitter @doughertyshawn.