Hackers today exhibit an unprecedented level of sophistication and complexity. Look no further than the recent hack of the US Treasury and Commerce Departments. As one of the largest hacks in more than five years, this news has proven that hackers have the ability to breach even the most secure systems.
All of this activity begs the question, “How can cybersecurity be improved for a low cost?”
We asked technology experts and business owners for the low-cost ways that they are taking to improve their own cybersecurity initiatives.
Based on their insights, here are some low-cost ways to improve cybersecurity.
Run Regular Security Checks
To better protect your website, I would recommend running regular security checks with tools like WebPageTest. This tool can analyze your site and outline easy steps you can take to protect it from hackers! I would highly recommend using a tool like this for all business owners, but especially those who participate in eCommerce.
— Brian Greenberg, True Blue Life Insurance
Install an SSL Certificate
SSL certificates help protect information and secure online transactions by playing an essential role in data encryption. Websites that operate without an SSL certificate expose sensitive information like passwords, credit card numbers, and usernames. That’s why Google announced that HTTPS is a ranking factor because security is valuable in succeeding with SEO. SSL certificates are inexpensive (sometimes free, depending on the hosting provider), and are a low-cost way to improve the security of any business with a website.
— Brett Farmiloe, Markitors
Get a Vulnerability Assessment
Cybersecurity should always be approached in layers. Organizations need to secure their technology, processes, and people. There are various tools and tactics to shore up security in each of these areas. An excellent starting point for businesses on a budget is getting a security or vulnerability assessment. An IT security company will scan your network, connected devices, websites, antivirus configuration, and more. This can be done at a fairly low cost using automated tools and templates. A vulnerability assessment will produce a report card detailing all discovered cybersecurity gaps, categorized by risk to business and time/cost required to remediate. Based on your budget allocation, you can pick which items to tackle first — usually the lowest cost, highest risk items.
— Colton De Vos, Resolute TS
Build a Culture of Security
Communication among all your employees (including your executive team) is a zero-cost way to rally your organization around cybersecurity. Hackers are only getting more creative with the way they can convince someone to click on a phish-y email and give up their credentials. Every month, an email should be sent to your team related to a security awareness training topic, such as what to be on the lookout for with a potential scam. This requires cross-departmental collaboration with HR, IT, you name it to make sure everyone is working together to build a culture of security.
— Lauren Patrick, Curricula
Being a founder of a healthcare company, I believe that the recent digitalization of business life is setting companies at high risk of cyber attacks more than ever before. Big data analysis has the potential to provide protection and safeguard against these cybersecurity attacks. Advanced big data security analytics solutions offer numerous automated workflows to provide cost-friendly security measures against detected threats, such as disrupting clearly identified malware attacks or submitting a suspicious event to a managed security service for further analysis. Automated controls for cybersecurity and fraud detection have been identified as one of the critical business drivers for future adoption in this study.
— Sylvia Kang, Mira
VPN For Employees
The thing that will get you the most bang for your buck, security-wise, is to get a VPN. You can get these for free, which makes it the lowest cost option, but there are also affordable monthly payment options. I think this can provide the biggest improvement, because a VPN will effectively hide your IP, your activity, and will make you virtually untraceable. If your company is working remotely, I highly recommend supplying a great quality VPN to your employees, because it will do wonders for your level of security. Did you know that half of cyberattacks at small businesses happen because of employee negligence? Consider the fact that you’re able to stop that with a VPN.
— Hosea Chang, Hayden Los Angeles
Update Your Password Policy
The most cost-effective way to increase your cybersecurity is to update your password policy. Many businesses use the bare minimum in terms of password requirements to placate their users. The easiest way to increase security without angering your user base too much is to increase the minimum length. An 8-character password can be breached by a brute force attack in under 10 minutes. Adding two characters, however, increases the duration of time required to breach up to a week. Another two characters and you’re up to 54 years. This is because each additional character exponentially increases the number of possible passwords that a brute force attack must try.
— Phil Strazzulla, Select Software Reviews
Password Management System
Cybersecurity is only as strong as its weakest link, which is always going to be the human element. A relatively cheap way to improve cybersecurity is to improve how your users interact with your systems. This is accomplished by educating your users of the risks they could create through unintentional and well-meaning behavior and then creating systems that encourage good behavior without stifling productivity. For example, having a password management system where users can share sensitive credentials without sending them in plain text or, even worse, writing them down on paper.
— Lukas Ruebbelke, Briebug