Microsoft announced earlier this year they will be ending support and software updates for Windows 7 operating system on January 14, 2020. Any machine still using the system past that date will be vulnerable to security risks. Approximately 43% of Windows users are still running Windows 7 so this change will impact an enormous number of businesses and users.

Cybersecurity concerns affect nearly everyone in an organization. A company’s team members, as well as external clients, are connected through technology, and protecting systems and data from cyberattack becomes increasingly difficult and complex. At the same time, a shortage of trained cybersecurity professionals continues to grow.

Today’s hackers are often driven by political or financial motivations, or they may seek to gain notoriety. The more we know about how they think and act, the better we can protect our organizations from harm. Small and mid-sized businesses that lack the cybersecurity infrastructure of big corporations are especially at risk of exploitation.

Phishing attacks on small to mid-sized businesses are increasing in frequency and sophistication. Luckily for Office 365 users, some serious updates have been made in the defense against email phishing. In April 2018, Microsoft upgraded Office 365’s Advanced Threat Protection (ATP) features to better detect spoofed emails, compromised accounts, unsafe links, and harmful attachments, and thereby prevent a wide variety of phishing scams.

Small and mid-sized business owners have so much on their plate that being proactive about cybersecurity often gets pushed to the bottom of the to-do list. Unfortunately, it takes a breach or hack to bring this issue to the forefront of many organizations, but it doesn’t have to be that way.

In 2019, cyberattack damages for small to mid-sized businesses are expected to increase significantly. Verizon’s 2018 Data Breach Investigations Report found 58% of all cyberattacks target small businesses. Ransomware, fileless malware, and email phishing scams comprise a large portion of the attacks.

Fraudsters are becoming more creative with email attacks. As an example, C-Suite fraud is a scam impacting all business sectors, wherein cybercriminals spoof corporate email accounts and impersonate a C-Level executive (CEO, CFO, COO, etc.) to trick unsuspecting employees into executing a task such as wiring funds for a transaction, revealing personally identifiable employees’ information, or sharing company trade secrets.

October is National Cyber Security Awareness Month, a collaborative effort aimed at raising awareness of safe Internet and security practices. Now more than ever it is important to highlight the critical need to build a strong, cyber-secure workplace and workforce to help protect businesses of all sizes.

Technology is changing and improving at a rapid pace, and it can be hard for small- to medium-sized businesses to keep up. Unless you have an IT team to keep you informed of the most important changes, your business can fall behind. In fact, a recent change Google made to how its Chrome browser treats secure and unsecured websites means there’s a chance your company may already be on the outside looking in.

Cyberattacks are a nightmare for businesses, sending normal operations spiraling out of control and causing significant financial loss. Because news reports of data breach typically involve national or multi-national companies, many businesses believe that targets of cyberattack are related to company size, industry or profile.