What is the solution?
If small businesses are prime targets for cyber criminals but have limited time, budget, knowledge and resources, how can they protect themselves? Take the initiative to build a cyber security plan for the business and consider these five steps:

• Perform a cyber security audit - assess company vulnerability, identify critical data and systems that you cannot afford to risk.
• Define policy – develop a security strategy and operating model including procedures and governance. Who will be responsible? What is the recovery plan?
• Implement the plan – test, then deploy systems and procedures, train employees and partners. Make security an imperative.
• Monitor and refine – track status, close gaps, activate crisis response when needed. Review and update the plan periodically.

A managed security service provider can provide capabilities that include cyber security assessment and planning, threat detection, incident response, monitoring and reporting to help protect small businesses from cyber threats and to supplement internal IT resources.

References:

1. Mastercard, “Too small to be ignored? Not anymore. Why shoring up cyber defenses for small businesses is crucial”. March 27, 2025.
2. CyberCrime Magazine, Steve Morgan, Editor in Chief, “Cybercrime To Cost The World $10.5 Trillion Annually By 2025”. November 13, 2020.
3. Astra IT, Inc., Nivedita James Palatty, author. “51 Small Business Cyber Attack Statistics 2025 (And What You Can Do About Them)”. June 16, 2025.
4. Accenture, Ninth Annual Cost of Cybercrime Study, March 6, 2019.
5. Verizon, 2025 Data Breach Investigations Report.
6. PCMag, Alan Henry, Managing Editor, Security. “$6.7M Ransom, 700 Jobs Lost, and a 158-Year- Old Business Destroyed—All Thanks to One Bad Password”. September 26, 2025.

Author: Jake Krakauer is an independent business technology consultant based in Pleasanton, California.