Cybersecurity 101 for small business owners


Marcin Kleczynski, CEO and founder at Malwarebytes, on everything small business owners need to know about cybersecurity.

Running a small business can sometimes feel as if you are constantly spinning plates. There are a million and one things you need to focus on, but a critical one is cybersecurity.

SMBs that operate exclusively on the internet have an untold opportunity at their fingertips. From being able to do business 24 hours a day, seven days a week to cost savings and flexibility, the benefits are huge. But it also brings a number of risks from financial and data loss to reputational damage and business downtime. Therefore, you really need to ensure that your IT network is fully protected and secure.

Cybercrime is continuing its exponential rise, with its army wreaking havoc on small businesses across the globe. Our Second Annual State of Ransomware report found that the downtime after an attack is the killer, not the ransom demands. We found that for 15% of impacted organisations, a ransomware infection caused 25 or more hours of downtime and for some it caused systems to be down for more than 100 hours — costly for any small or medium business.

The growth in cyber soldiers is down to them being seduced by inexpensive tools and the potential of huge profits. These tools and techniques are increasing in sophistication and accessibility and are leading to a booming cybercrime economy. For instance, ransomware alone was an almost £800m industry last year. On top of this, only 5% of cybercriminals are actually caught, making it an attractive way to make money.

It is not only outsiders that could pose a potential threat. Globally, 1 in 22 cybersecurity professionals are perceived to be Grey Hats, those who participate in criminal activity whilst also working as legitimate security professionals. Worryingly, this statistic jumps to 1 in 3 in the UK. Our research also discovered that the proportion of Grey Hats increased with the size of an organisation. 7% of respondents believed it was easy to get involved with Grey Hat activity without getting caught, particularly those in mid-sized businesses, where monitoring and controls are less likely to be in place.

As a founder of a small business, statistics such as these can be overwhelming – where do you start? And how can you ensure you are not leaving the doors open to a cyber-attack or data breach? Let’s assess what small businesses need to be on the lookout for and protected against.


During the second quarter of this year, according to our own research, the VPNFilter malware reportedly infected over 500,000 small business routers and NAS devices, and malware is still one of the top risks for SMEs. Because this malware can exfiltrate data back to the attackers, businesses are at risk of losing sensitive information such as usernames and passwords.

Attacks such as this also have the potential to remain hidden and undetected. Small businesses can overcome these styles of attacks by employing an advanced threat prevention solution for their endpoints. A layered approach with multiple detection techniques will give startups full attack chain protection as well as reducing the complexity and costs associated with the deployment of multiple individual solutions.


Recent attacks, including WannaCry and Trickbot, used worm functionality to spread malware. However, the worm approach tends to make more noise and can be detected faster. But if hackers can find a way to iron out this crease then this tactic can amass a large number of victims very quickly.

For small businesses, this may mean the attack spreading to every endpoint in the network and impacting your entire team before it can be stopped in its tracks. We found that 18% of UK businesses that had been infected with malware had to cease business operations immediately and 18% lost revenue, which is higher than the global average of 15%.

Internet of Things (IoT)

More devices are able to connect directly to the web, which has a number of benefits, including greater connectivity, meaning better data and analytics. However, cans of worms are waiting to be opened, including data loss, data manipulation and unauthorised access to devices. In order to combat the threat, devices should have strict authentication, limited access and heavily monitored device-to-device communications. Crucially, these devices will need to be encrypted – a responsibility that is likely to be driven by third-party security providers.


The fast-rising popularity, or “gold rush”, of cryptojacking is mainly due to its rapidly rising value. On one day alone in 2017, Malwarebytes blocked 11 million connections to coin-mining sites. These numbers are increasing, and it is not only big businesses that are at risk. According to a recent survey, 1 in 3 of all UK businesses were hit by cryptojacking in July alone.

On the surface, cryptomining may not seem particularly malicious or damaging; however, the costs that it can incur are. If a cryptomining script gets into your servers, it can send energy bills through the roof or, if it has reached your cloud servers, hike up usage bills. It can also pose a potential threat to your computer hardware by overloading CPUs.

However, it’s not all doom and gloom – and there are a couple of simple and easy steps startups can take to prepare and protect themselves. Most importantly, SMBs must adopt a layered approach to security. Endpoint protection that is capable of detecting known threats and cryptominers is a great place to start. It can monitor processes in real-time and seek out suspicious patterns, enhancing threat hunting capabilities and reducing the downtime of attacks.

At the core, there also needs to be an education campaign for all staff members. They must understand the gravity of the threat posed by outdated software. Regular training sessions can help here. And this shouldn’t be viewed as a one-off box-ticking exercise then forgotten about. Having rolling, regularly updated training sessions will ensure that staff members are aware of the changing threats and how they can best be avoided.

Lastly, this needs to come from the top down. For too long, cybersecurity has been the domain of IT teams. If you are a founder of a small business, you need to lead by example by promoting and practising a security-first mindset.