Skip to content

Why your small business needs a cybersecurity strategy — and how to get one


Over the past 14 years at Cisco, Lisa Richardson has held roles in commercial sales, global account management, and as leader of Cisco Canada’s enterprise networking business. As leader of Cisco’s solutions sales in Canada, she’s also an expert in the simple, comprehensive technology solutions Cisco offers for small business owners — keeping them connected, secure, and collaborating. Here, Lisa offers her best advice for entrepreneurs looking to save time and effort in their security strategy.


By Lisa Richardson

We’re seeing it more and more often — headlines of big corporations becoming the victim of a cyberattack. While these news stories make it clear that cybersecurity threats are growing, they’re often missing an important fact: small businesses are even more susceptible.

“In today’s threat landscape, everyone is a target,” my colleague Jack Pagano, Director of Cyber Security at Cisco Canada, recently told me. “Cybercriminals don’t discriminate between organization size, and small businesses require the same level of cybersecurity protection as large enterprises.”

According to a recent study, last year 67% of small businesses experienced a cyberattack, and another 58% experienced a data breach — leading to lost revenue, customers, and opportunities. 

What makes smaller businesses more vulnerable? The variety and complexity of threats are growing, but these organizations still have limited resources available to monitor, identify, and remediate risks. 

“While the problem and risk are the same,” explains Jack, “large organizations have security teams dedicated to defending their assets while small businesses often struggle with resources and skills.” 

This makes small businesses an ideal target for hackers. In the face of ransomware and malware to distributed denial-of-service (DDoS) attacks and crypto mining threats, 1/3 of small businesses stated they have no safeguards in place to stop a cybersecurity breach.

Plus, the way we all do business is changing — with digital transformation initiatives and new technologies being deployed, and the rise of mobile, cloud services, Bring Your Own Device (BYOD) policies, and the Internet of Things (IoT) creating ever-growing security challenges. Firewalls and up-to-date anti-virus software are no longer enough. 


“Last year 67% of small businesses experienced a cyberattack, and another 58% experienced a data breach — leading to lost revenue, customers, and opportunities.” 


It’s easy to be overwhelmed by the problem. At Cisco, we recommend that small businesses focus their efforts on four key areas: 

Blocking threats earlier

Stop malware before it reaches your network or endpoints. Reduce the time spent remediating infections. This is especially important since 60% of small businesses go out of business in the six months following a cyber attack.

Extending protection

Remove blind spots and protect your employees anywhere they access the Internet.

Securing users and data

Protect employees, data, and apps in the cloud against compromised accounts, malware, and data breaches, while enabling compliance.

Enabling secure cloud use

Improve security with no impact on your employees’ productivity.

Cloud-based security solutions have the capability of delivering on all of these security goals, with techniques that ensure every employee, application and piece of data in the cloud is safe. When evaluating a solution, look for one that delivers:

Visibility: See everything with complete visibility of employees, devices, networks, applications, workloads, and processes. When your security strategy is holistic and integrated from the start, rather than pieced together, it’s easier to stay ahead of threats.

Threat Protection: Identify breaches faster with multi-layered threat sensors to quickly detect, block, and respond to prevent data theft and disruptions of operations. An automated response can help overcome the issue of limited resources with a small (or nonexistent) IT team. 

Segmentation: Prevent attackers from moving laterally east/west across your network with micro-segmentation and application whitelisting.

This will enable you to establish a security “perimeter” around your IT environment, so you can safely transmit data throughout the network, proactively identify and defend against attacks before they hit, and dynamically increase and extend protection as needed.

The problems of cyberattacks may be growing, but with today’s solutions, your small business doesn’t need to become a headline.


The Cisco Women Entrepreneurs Circle — a program led by Cisco in partnership with the Business Development Bank of Canada (BDC) — addresses some of the obstacles women-led businesses face in building their tech capabilities. Are you a business owner? Register for a free 14-day trial of Cisco Umbrella to protect your business, employees and customer data against cyber threats. With a Cisco Security solution, small businesses go from being overwhelmed to empowered.