Hackers seeking to steal data and money used to target primarily large corporations and government bodies. In recent years, however, they have shifted focus, and now direct quite a bit of attention to hacking small businesses and individuals.

This change is not surprising: bigger organizations may offer larger higher bank balances and "treasure troves" of data to steal, but they also have both armies of information-security personnel and tighter relationships with law enforcement–lowering the odds of a hacker's success and increasing the chances of his or her getting caught and imprisoned.

With the new dynamics at play it is increasingly important for small business owners, entrepreneurs considering starting a business, and people in general to cyber-protect themselves.

While it is proper to perform formal risk assessments before determining security strategy and techniques, the reality is that many small businesses won't expend the resources to do so, and following some sound general advice is far better than doing nothing.

So, how can small businesses and individuals greatly improve their cybersecurity without spending a lot of money? Here are some suggestions:

Ensure awareness.
Offer basic information-security training.
Don't give everyone the keys to the castle.
Backup often.
Encrypt.
Do not share credentials.
Use a proper password policy.
Devise, implement, and enforce social media policies.
Use security software.
Segregate Internet access.
Address personal device risks.
Comply with regulations.
Hire a pro.

Please feel free to discuss this article with me. I am on Twitter at @JosephSteinberg.

Published on: Aug 12, 2015
Like this column? Sign up to subscribe to email alerts and you'll never miss a post.