Many cybercriminals look at small businesses like blank checks. More often than not, small businesses just don’t put money into their cyber security, and hackers and cybercriminals love those odds. They can target small businesses at random, and they are all but guaranteed to find a business that has no IT security – or the business does have some security but it isn’t set up correctly.

At the same time, cybercriminals send e-mails to businesses (and all the employees) with links to phishing websites (websites designed to look like familiar and legitimate websites) or links to malware. They hope employees will click on the links and give the criminals the information they want. All it takes is ONE employee to make the click.

Or, if the business doesn’t have any security in place, a cybercriminal may be able to steal all the data they want. If you have computers connected to the Internet and those computers house sensitive business or customer data – and you have NO security – cybercriminals have tools to access these computers and walk away with sensitive data.

It gets worse! There are cybercriminals who have the capability to lock you out of your computer system and hold your data hostage. They may send along a link to ransomware, and if you or an employee clicks the link or downloads a file, your business could be in big trouble. The criminal may request a sum of money in exchange for restoring your PCs or data.

However, as some businesses have learned, it’s not always that simple. There are businesses that have paid the ransom only for the cybercriminal to delete all of their data anyway. The criminal walks away with the money and the business is left to die.

And that’s not an understatement! Once cybercriminals have your data and money, or both, they don’t care what happens to you. Cybercriminals can do more than just major damage to small businesses; their actions can literally destroy a business! We’re talking about the costs of repairing the damage and the cost of losing customers who no longer want to do business with you. You’re looking at a public relations nightmare!

This goes to show just how critical good IT security really is, but business owners still don’t take it seriously. Even as we enter 2020, there are business owners who don’t consider cyber security a high priority — or a priority at all. It’s a mindset that comes from before the age of the Internet, when businesses didn’t face these kinds of threats. And many business owners fall into the habit of complacency. In other words, “It hasn’t happened yet, so it probably isn’t going to happen.” Or “My business isn’t worth attacking.”

Cybercriminals don’t think like this. It’s a numbers game and only a matter of time. Business owners need to adapt to today’s online landscape where just about everything is connected to the Internet. And if something is connected to the Internet, there is always going to be some level of vulnerability.

But you can control your level of vulnerability! You can be cheap or complacent and do the bare minimum, which will put your business and customers at risk. Or you can take it seriously and put IT security measures in place – firewalls, malware protection, secure modems and routers, cyber security insurance and working with a dedicated IT security company. There are so many options available to secure your business.

The reality is that cyber security should be a normal, everyday part of any business. And anyone thinking about starting a business should be having the cyber security talk right from the very beginning: “What are we going to do to protect our business and our customers from outside cyberthreats?”

When it comes down to it, not only do you need good cyber security, but you also need a good cyber security policy to go along with it. It’s something you share with your team, customers, vendors, investors and anyone else who puts their trust in your business. Transparency about your cyber security is a great way to build and maintain trust with these people. If you don’t have IT security in place, why should anyone trust you?

Think about that question and think about the security you have in place right now. How can you make it better? If you need to reach out to an IT security firm, do it! It will only make your business better and prepare you for the threats that are looming right now. No business is too small or too obscure to be hacked.