How small businesses can fend off hackers — Lou Shipley

MIT Sloan Lecturer Lou Shipley

MIT Sloan Lecturer Lou Shipley

From The Wall Street Journal

If you wanted to hack a business, which one would you pick: A Fortune 500 company with a large digital-security budget and a team dedicated to protecting its cyberassets? Or a small enterprise that doesn’t employ a single IT security specialist? Of course hackers are equal-opportunity criminals, but you get my point.

Security breaches at big companies such as J.P. Morgan, Sony and Home Depotdominate the headlines, but safety measures are crucial for organizations of all shapes and sizes. According to the 2012 Verizon Data Breach Report, 71% of cyberattacks occur at businesses with fewer than 100 employees. The average cost of a data breach for those small businesses is $36,000.

We can no longer assume that hackers are solitary figures sitting in basements fiddling with their laptops. They may be members of organized-crime groups or employed by nation states, and they have resources that can destabilize entire companies and countries. These hackers constantly look for Internet vulnerabilities. They break through firewalls, infect machines, and use phishing schemes to gain access through emails to people’s passwords and Social Security numbers. They can then leverage weaknesses in applications to cause a database to output its contents.

So what can the owner of a small business do to defend himself? Here are some tips.

Read More »

Your Business Is Never Too Small For A Cyber Attack, Here’s How To Protect Yourself — George Westerman

MIT Sloan Research Scientist George Westerman

From Forbes

A few years ago I was working with a small consulting firm, and one of our up and coming salespeople left for a competitor. No big deal. It happens. But several months later, the management team noticed a disturbing trend. The company kept losing bids for new business to this very same competitor. It had happened four times in a row when finally we realized that we’d forgotten to turn off the former employee’s network access. He had been logging into our network, stealing our information, and then undercutting us. Read More »