How to prevent a cyberattack on your organization￼
“Organizations need to brush up on security hygiene,” says one expert. “Companies need to incentivize following the protocols.”
You wouldn’t expect cyber-criminals to target a lifestyle and bookstore.
In February, Canada’s much-beloved bookstore chain Indigo fell prey to ransomware threats — specifically to pay up, or its employee data would be released.
The attack also left the retailer’s website not working at full capacity, and its brick-and-mortar stores briefly unable to process any debit or credit payments. The effects of the attack even lingered into March.
But none of this surprised cyber-security experts, who all said at some point, “it’s not if, but when,” a company is hit with a security breach.
Shira Rubinoff — who provides cybersecurity guidance to numerous Fortune 100 companies, and serves on the board of Pace University’s Cybersecurity Program — said whether the ransom was paid or not, the data could invariably be sold to another bad actor anyway.
“Organizations need to brush up on security hygiene,” noted Rubinoff, who has built two cybersecurity product companies, and currently serves as president of the New York-based technology incubator, Prime Tech Partners, and the social-media-security firm, SecureMySocial. “Companies need to have a security process, trained people, and the right technology. But the glue in the middle is the training; make people cyber-aware within the organization. Companies need to incentivize following the protocols.”
She said the worst attacks to spot are phishing attacks, which attempt to deceive people into revealing sensitive information. “They look real. It might be end-of-day, and a worker clicks on it, and it’s from a nefarious bad actor that’s trying to penetrate the organization,” Rubinoff explains.
“It might be from someone who pretends to be from another company, offering them a rise in their position. But it’s really someone trying to get information.”
In the wake of several Canadian hospitals seeing their data hacked, the CEO of Canadian Internet Registration Authority Byron Holland, noted that a third of organizations have seen some kind of security breach.
“Lack of focus and money” were the reasons behind poor security protocols, Holland outlined in a Globe and Mail webinar on cybersecurity in Canadian healthcare, adding that necessary tools must include multi-factor authentication, firewalls, security training, among others.
Watch the webinar:
Toronto’s Hospital for Sick Children, Ross Memorial Hospital (Lindsay, Ontario), Newfoundland and Labrador’s provincial health data, and California-based Regal Medical Group have all fallen victim to breaches in recent months. In 2019, LifeLabs — Canada’s largest medical lab — was hacked, leaving vulnerable the personal information of fifteen million people.
Recognizing the growing problem, last year the Canadian government announced it was taking further measures to “bolster cybersecurity across the financial, telecommunications, energy, and transportation sectors.” The proposed legislation aims to “amend the Telecommunications Act to provide the Government with the legal authority to mandate any necessary action to secure” exposure from high-risk suppliers. In addition, the legislation introduced the Critical Cyber Systems Protection Act, that among many things, will help organizations better prevent and prevent cyberattacks.
Some 45% of small businesses in Canada have experienced a cyberattack in the past year, according to the Canadian Federation of Independent Business. One in ten experienced a phishing attack with someone impersonating a CEO or business leader. In the first half of 2020, attacks on web applications were up eight hundred per cent over the year before.
It should come as no surprise, then, that about one in ten staff have completed mandatory cybersecurity training, and eight per cent, optional training, according to the same report.
Alex Plotkin, CEO of Cyberwall Defence, explains that three-quarters of the time, a bug comes through email, and it’s a simple fix as buying al filter that any IT company can provide.
Most companies aren’t aware there are regulations they’re supposed to follow, he noted.
“Half of SMB CEOs have no clue about these regulations. They likely know anti-spam regulation, but nothing about cyberattack regulation to protect the information you have already.”
Finally, his advice is that employees not reveal too much about themselves on social media, such as their dog’s name, kids’ names, or hobbies. Attackers know that these are often password answers to private information.
Ben Rothke is a New York City-based Senior Information Security Manager for Tapad, a company that analyzes internet and device data for marketing. He is responsible for information security, data privacy, compliance, and risk management. He advises every company to have a documented and tested incident response plan, for before, during, and after an information security incident.
“Most responses tend to be haphazard,” he said.
Jeff Goldenberg, who has over three decades of security and fraud prevention experience, concurs. “Most companies, especially companies not in the financial services or health services — which are heavily regulated — simply don’t give a crap about security.”
This is especially true of SMEs, who have little budget to spend on security, and unwisely think they’re never on hackers’ radar.
“The biggest mistake that everyone makes, big or small, is that security is the security team’s responsibility,” he added. It’s actually everyone’s responsibility.”
To make matters worse, in recent years workers have come with their own computers, rather than a corporate-issued device curated by IT with certain controls and software. “It’s a mess waiting to happen. At a bare minimum, you should be running anti-virus software, and that includes Apple users. You absolutely need it for Macs too, because the idea that they’re immune is nonsense.”
Goldenberg adds that every staffer of every company should be “forced to take annual cyber-security training,” a resource widely available. “Even Visa and Wells Fargo use these external third-party sources, because they’re really good and effective. It’s a twenty minute course, so you know how not to be the cause of your own company’s breach.”
Some security tips are obvious, he says — for example, don’t give out your password, don’t open strange attachments, and don’t answer emails from people you don’t know. But an under-utilized security feature is multi-factor authentication, which provides an extra line of defense. Bluntly speaking, Goldenberg adds: “Passwords are useless.”
Dave is a journalist whose work has appeared in more than 100 media outlets around the world, including BBC, National Post, Washington Times, Globe and Mail, New York Times, Baltimore Sun.
How to build company culture in a scale-up
Culture is no small thing, and according to Virtual Gurus founder and CEO Bobbie Racette, communication — and even getting uncomfortable — is key.
Anyone can type out a vision, mission statement, and outline some core values. But Bobbie Racette, the founder and CEO of Virtual Gurus, took things one step further: she made sure it was posted at the entrance to the company’s office with messages of inclusion and acceptance.
She says those messages are a central part of the company culture, which she sees as a shared belief in acceptance that unites the approximately 50 people working in the company’s headquarters.
But even with such a visible statement, she struggled to maintain a company-wide focus as the start-up grew and expanded.
“Even though the pandemic was still 300 percent, year over growth, we broke internally,” said Racette. “Because our culture was just a mess.”
For Racette, it required her to realize she couldn’t just instill that culture and stress its importance to her leadership team, hoping it would trickle down. She couldn’t just put it on a wall. She had to model those beliefs and bring them directly to all of her employees.
And she had to listen.
So, what really is culture?
The struggle of building and maintaining culture through rapid growth isn’t rare. The start-up world is littered with companies that lost their way.
Culture is no small thing. It’s the foundation of a business and helps guide decisions — from the big to the mundane. If the focus is sharp and the will is there, it will help guide who is hired and how they fit into the larger team.
It’s not about what the office looks like, or free lunches and abundant snacks — the sort of perk-heavy, laid-back office that has come to be associated with tech startups. The atmosphere of a place is not the core of what it means to work there.
Finding and nurturing that core is particularly important for Racette and Virtual Gurus, which provides companies with remote workers on everything from social media to accounting, and focuses on providing employment for underrepresented communities.
“I realized I had to pull back some of the perks and then push the values and I had to essentially retrain everybody to think, ‘wait, if I’m gonna get the perks, I gotta live with the mission, vision, and values, not the other way around,’” said Racette.
The culture she wanted at the company prioritizes inclusiveness, but also innovation, agility, and positivity. Racette realized it was critical to screen out those who didn’t buy in or could be toxic to the kind of workplace she needed for her company.
“I truly believe that in order to get comfortable, you have to get uncomfortable first. So our entire company had to go through an uncomfortable moment,” she said.
And those values she’s so determined to nurture are personal and hard-earned.
“I have lived through the barriers of being an Indigenous woman, a queer Indigenous woman, who has tattoos and… can’t get a job,” she said at the recent mesh conference in Calgary.
How do you maintain culture through growth or scale-up?
When Racette started the company in 2016, maintaining that culture was easy.
She was the only employee.
Then came funding rounds and growth. More employees in the office, but also more and more virtual assistants — over 1,000 at last count — spread across North America.
“You can run a company all day long, but when you’re scaling, you have to pivot left, right, and center all the time,” Racette told mesh conference attendees.
“And so when you pivot, you have to take your whole company and pivot with you, and when you’re doing that you have to keep the culture during that.”
Screening out those elements toxic to the culture at Virtual Gurus was an important step. Research has shown that toxic culture is a big driver of what’s been dubbed “the Great Resignation.”
Racette also followed the advice from organizations and other businesses when it comes to managing growth and culture — from hiring to setting targets and ensuring she is accountable for both change and cultural stability.
Communication, she said in a recent interview, was key.
“I send out weekly CEO updates by email, and then we’ll have all-hands meetings twice a month, and I host those,” said Racette. “So I’m very communicative about why and how the culture is changing.”
Central to that communication is allowing staff to offer feedback, listening closely to what they’re saying — and not being afraid of criticism. She now does what she calls a daily “lion hunt,” going through the office and checking in with employees.
She also says there has been an increased focus on all of the virtual assistants who form the backbone of the company, but who can’t be there in person for her walks around the office. The company has created a virtual hub to maintain those connections, providing incentives and perks, while also emphasizing the importance of the company values and mission.
“We don’t just treat them like a number,” Racette said.
But like those words written at the entrance to the company office, it takes more than spelling it out and carrying on.
“You can talk about it all day long, it’s actioning it,” said Racette. “And that’s one thing I’ve noticed with us is we were talking about the culture, but we weren’t actually actioning it.”
And, of course, incentives work too. Racette says employee bonuses worth four to eight percent of their salary now hinge on whether they follow the company values.
How has work culture changed over time?
Contemporary workplaces, and certainly startups, are a different beast than the offices of old. They are nimble and often more flexible. And unlike many formal offices, there’s no dress code at Virtual Gurus.
But it’s also about how company’s measure and value work — something that can have a profound impact on culture.
“I think it’s changed from being activity and action-driven to being more outcomes-focused,” said Racette.
At her office, employees aren’t judged for showing up late, or engaging in more activities that don’t necessarily lead to the right kind of results. If it takes five hours for someone to do all their work, then so be it.
Racette wants her staff to be accepting of those around them, and to be adaptable in the face of constant change. In order to get there, it only makes sense to put that same faith in her employees, leading down to nurture that all-important culture.
“You can’t fix your culture or have a good culture unless people have a psychologically safe space to work,” she said.
Stepping off an elevator and seeing a wall plastered with good intentions is one thing, but walking into an office where employees are all committed to goals based on those shared values is another, more successful thing altogether.
Rising costs, work-life balance among top mental health stressors for Canadian entrepreneurs
A look at BDC’s latest survey results on mental health challenges for Canadian entrepreneurs.
Have you recently gone into business for yourself? BDC’s latest survey indicates a higher likelihood of you facing some mental health challenges.
And you’re more likely to seek professional help if you’re a:
- Younger business owner
- Business owner with 20+ employees
- Business owner in the arts, entertainment, and recreation fields
- Startup business owner
While men and older business owners were less likely to seek professional health, that doesn’t necessarily equal fewer mental health challenges.
Indeed, BDC’s latest survey on 1,500 Canadian SME business owners and mental health illuminates a concerning 45% increase in Canadian business owners facing mental health challenges (compared to 38% last year).
Here are some more highlights from the report:
More Canadian entrepreneurs feel tired and depressed, with fewer seeking help
The survey responses show that 67% of entrepreneurs felt tired and low-energy at least once a week. Similarly, nearly 50% felt depressed and like they didn’t accomplish everything they would have liked to.
“Entrepreneurs often comment that it feels lonely at the top and rarely speak candidly about organizational and personal challenges,” said Hassel Aviles, co-founder of Not 9 to 5.
While certain groups are more likely to seek support than others, the survey still only shows about a third (35%) of respondents actually sought mental health support.
And the hesitation isn’t a matter of pride. The top barrier to seeking help was the high costs of mental health services, with uncertainty and discomfort discussing things following close behind.
“I currently pay out-of-pocket for a private therapist,” said one anonymous survey respondent. “I am very grateful for that, and I click with my therapist well, but it typically costs me $200- $400 per month. This is a hard expense to tend to in the current economic situation.”
Inflation and work-life balance are top stressors
The survey showed that 54% of entrepreneurs cited inflation and work-life balance as top stressors. The two go hand-in-hand, since rising costs fuel longer hours to make ends meet. Notably, work-life balance was a more sought-after support to mitigate the stress, followed by better access to mental health resources.
“Inflation rates and other factors are affecting their businesses in ways that are harder to control, leaving many entrepreneurs resorting to working even longer hours just to stay afloat,” said Annie Marsolais, CMO at BDC.
Small business owners are just as mentally strained as medium business owners
You might assume these findings apply more to “bigger” business owners with 20+ employees. But the survey profile indicates that 88% of respondents have under 20 employees, with 56% having under five employees.
“As individuals, we can’t control the rates of inflation and the stress it may cause,” said Aviles. “But we can learn to manage our reactions to that stress. Learning how to do this is an opportunity to create separation between who we are and the work we do, which is healthy, and supports the work-life balance entrepreneurs are seeking to achieve.”
Read BDC’s full survey results.
Veronica Ott is a freelance writer and digital marketer with a specialization in finance and business. As a CPA with experience in the industry, she’s able to provide unique insight into various monetary, financial and economic topics. When Veronica isn’t writing, you can find her watching the latest films!
9 in 10 small businesses use tech platforms—here are the most common types
Small businesses looking to reach potential customers, streamline sales systems, and manage payroll are increasingly turning to technology to optimize their operations. Over 90% of U.S. small businesses use at least one technology platform for their operations and growth, according to a 2022 survey from the U.S. Chamber of Commerce.
The COVID-19 pandemic forced many small businesses to close, and those that survived the worst of the economic downturn then faced supply chain disruptions, staff shortages, and inflation. The survey found 86% of small business owners said technology helped their businesses survive the pandemic, especially as more businesses moved online and employees started working remotely.
Investing the time and energy to follow technology trends and learn how to implement new platforms can pay off for companies by automating parts of their operations and bringing them new insights into their potential and current customers. For small businesses, technology provides opportunities to expand capacity and simplify workflows.
Nextiva identified the top types of tech platforms small businesses used in the wake of the pandemic, based on the U.S. Chamber of Commerce survey data. The survey included 1,755 owners of businesses with fewer than 250 employees, and not in the agricultural sector.
Tada Images // Shutterstock
#4. Point-of-sale tools (tie)
– Share of small businesses utilizing this platform type: 36%
Technology can help small businesses in processing sales. Tools like Block—formerly known as Square, Clover, and Toast—allow businesses to accept credit card payments from anywhere employees and customers can use a smartphone. This offers a more flexible alternative to the traditional cash register system. Point-of-sale technology was particularly helpful to restaurants early in the pandemic by allowing diners to order and pay for their food by phone, with limited contact with servers. In addition to accepting payments, some point-of-sale systems also help track inventory, run daily sales reports, and manage customer loyalty rewards.
monticello // Shutterstock
#4. Productivity tools (tie)
– Share of small businesses utilizing this platform type: 36%
A significant share of small businesses use technology to boost productivity. With the growing popularity of remote work, small businesses are looking for new ways to stay connected to employees who may be physically apart. Tools like Google Workspace and Slack help streamline internal communications and collaboration among employees. Common features of this type of technology include instant messaging, document sharing that allows for collaborative editing, project management systems, and meeting scheduling. Another aspect of productivity is time management, including tools for time tracking and monitoring employees’ output.
Wachiwit // Shutterstock
#3. Marketing platforms
– Share of small businesses utilizing this platform type: 41%
Digital marketing opens up new possibilities for small businesses to reach prospective customers. Tools like Google Ads and Facebook Boost give businesses the ability to run targeted marketing campaigns that rely on demographic data and are tailored to the company’s goals. This removes the burden on business owners to guess who their best customers are and how to reach them. Incorporating technology in marketing also results in detailed insights on who responds to each ad and what problems they’re trying to solve, which can inform future marketing efforts. Many digital marketing tools are relatively cheap compared to large print ads or billboards.
Thamyris Salgueiro // Shutterstock
#2. Accounting software
– Share of small businesses utilizing this platform type: 56%
Accounting software like QuickBooks and NetSuite gives small businesses the capacity to perform essential accounting and financial management functions. These tools create systems for sending invoices, tracking revenue and expenses, processing e-commerce, and running payroll, among other features. Without incorporating technology for these functions, businesses would need to hire staff specialized in bookkeeping, IT, and tax policy—a much more expensive proposition than paying for software. Technology also allows for the automation of certain accounting functions, like sending reminders for unpaid invoices or subscription billing. Another potential benefit is the ability to integrate accounting information with long-term planning that incorporates projections for supply chain and production.
TZIDO SUN // Shutterstock
#1. Social media accounts
– Share of small businesses utilizing this platform type: 66%
The most common form of technology used by small businesses is social media. Tied closely to marketing platforms, social media allows businesses to communicate directly with customers and prospective customers. For businesses, social media fosters a sense of community, builds trust in a brand, and grows demand for products or services. Some of the most popular social media platforms are Facebook, Instagram, TikTok, and Twitter. Each platform has a unique user demographic and content presentation style, so businesses can choose a social media platform that allows them to connect with their customer base.
Data reporting by Paxtyn Merten. Story editing by Jeff Inglis. Copy editing by Paris Close. Photo selection by Clarese Moller.
This story originally appeared on Nextiva and was produced and
distributed in partnership with Stacker Studio.
News desk5 months ago
OpenAI, creator of ChatGPT, casts spell on Microsoft
Technology4 months ago
Using innovation and technology for climate change-related challenges￼
Technology5 months ago
As AI rises, lawmakers try to catch up
News desk4 months ago
Amsterdam unveils its largest bike garage. It’s underwater
Business4 months ago
Americans spend $179 on fuel each month—here’s how to spend less