In the case of network security, the expression “the bigger they are, the harder they fall” doesn’t apply.  Big companies often survive to fight another day, while smaller businesses that face a cyber attack can suffer a more crippling financial impact for years to come.

Outside the limelight

While network breaches at Sony, Target and Anthem grab the spotlight, nearly 50 percent of small businesses have already been impacted by cyberattacks with an average cost of more than 20 thousand dollars—up from 8,700 two years ago. Hackers are zeroing in on your favorite burger joint, the corner hardware store and your dentist. Every small business is a target. Small and mid-sized businesses store valuable data, but often have limited resources to devote to network security and they typically have smaller safety nets.

Here are four simple steps that can help small to medium businesses secure their valuable data and help keep their customers’ information safe:

1. Software patches

This is one of the most important steps a small business can take. Around 80 to 90 percent of Internet exploits leverage old flaws. Take advantage of free software updates from manufacturers to patch your operating system and other applications, and apply firmware updates to your hardware.

2. Upgrade your protection

Despite sophisticated new cyber threats, many small businesses still rely on basic firewall technology. Advanced security devices, like unified threat management (UTM) appliances, are designed to stop today’s broad array of attacks. These technologies are now cost-effective and easy for small businesses to manage. In fact, the best UTM solutions deliver advanced threat protection solutions that ensure small businesses can survive even the most advanced new malware threats.

3. Strong password policy

Make sure you and your employees use strong passwords, and that the same one isn’t used everywhere. Adopting a password manager for your organization is an easy way to help employees use effective passwords and keep them safe.

4. Awareness training

All the defenses in the world may not prevent an employee from making a silly mistake. Train your employees on Internet safety so they’re wary of attachments or links in emails, even if they seem to come from people they trust.

Don’t become a statistic. With small steps, you can better protect your business against cyber threats.