3 Essential things every business owner should know about IT security in 2023

3 Essential things every business owner should know about IT security in 2023

For cybercriminals, the Garden State is fertile ground for their nefarious activities. In 2022, New Jersey was hit by 375 confirmed attacks; many more may have not been reported. That’s why in March 2023, Governor Phil Murphy signed a law requiring state public agencies to promptly notify the state of any cyber incidents within 72 hours.

With the state taking cybersecurity more seriously, every business owner across the state should do the same. Businesses of all sizes are now targets, not just big companies. In fact, small businesses are increasingly being attacked by cybercriminals because they’re seen as easier targets.

Whether you’re a small- or medium-sized business (SMB) or a large corporation, you need to be savvy about cybersecurity. Here are some of the key things you need to know about cybersecurity in 2023.

1. What is cybersecurity?

Cybersecurity is the practice of safeguarding computer systems, networks, and data from cyberattacks, including unauthorized access, theft, or damage. It protects your data from being altered or destroyed and makes it accessible only to authorized users when they need it.

2. What are the most common cyberattacks to date?

The following are among the most common cyberthreats:


Phishing was the number one cybercrime in 2022, with more than 300,000 Americans affected. Phishing attacks often involve email or text messages that appear to be from a legitimate source, such as a government agency, a bank, or an online retailer. These messages aim to trick recipients into giving up sensitive data, such as login credentials, Social Security numbers, and credit card details, or clicking on malicious links.


Malware refers to any malicious software designed to damage or disable a computer system, including viruses, Trojans, and spyware. It can be installed on your computer through different means, such as phishing emails, malicious attachments, or drive-by downloads. Once malware is installed on your computer, it can disable the system, disrupt operations, or even steal data. Ransomware, in particular, encrypts a victim’s data so that they cannot access it. The cybercriminals then demand a ransom payment in exchange for the decryption key.

Ransomware attacks have been on the rise again after a dip in 2022. According to cryptocurrency trading firm Chainalysis, ransomware victims have paid a total of $449.1 million in ransom in the first half of the year. If this pace continues, 2023 could hit up to $898.6 million in paid ransom, making it the second biggest year for ransomware revenue after 2021.

Credential stuffing

Credential stuffing attacks involve using stolen usernames and passwords from previous data breaches to gain unauthorized access to online accounts. It works because many people use the same username and password combination across multiple websites and services. This makes it easy for attackers to gain access to multiple accounts with just a single set of stolen credentials.

Remote work vulnerabilities

The shift to remote work during the pandemic has led to a rise in remote work-related vulnerabilities. These vulnerabilities include:

  • Weak passwords: Many employees reuse weak passwords across multiple online accounts, making them easy targets for attackers.
  • Unsecured networks: Remote workers may connect to unsecured Wi-Fi networks, such as those in coffee shops, airports, and other public places, which can leave their devices and data vulnerable to attack.
  • Unpatched software: Outdated software often contains security vulnerabilities that attackers can exploit.

These vulnerabilities can enable cybercriminals to gain unauthorized access to business systems and data, leading to data breaches, malware infections, and other security incidents.

3. How can businesses protect themselves from cyberattacks?

Cyberattacks can cause massive financial and reputational damage to businesses, even forcing them to close down. To protect your company’s data, reputation, and long-term viability, you must implement the following cybersecurity measures:

Use strong passwords

Everyone should be required to use strong, unique passwords. These passwords should have eight characters at least, since long passwords are harder to crack than short ones. Avoid using common words, phrases, and personal information in your passwords.

Alternatively, you can implement a password manager for your company. A password manager can generate and store strong, unique passwords for each of your accounts, and it will automatically fill in your passwords when you need to log in.

Enable multifactor authentication (MFA)

MFA requires users to present two or more pieces of evidence to prove their identity when logging in to an account. This makes it more difficult for attackers to gain unauthorized access to accounts, even if they have stolen a user's password.

Keep all software up to date

Software updates are crucial for protecting your devices and data from cyberattacks. This is because they often include security patches that resolve known vulnerabilities. Software updates may also include new features that can improve the functionality and security of your software, as well as bug fixes that can improve performance and reliability.

Install antivirus and anti-malware software

Antivirus and anti-malware software programs scan your computer for known threats and remove them. Make sure to keep your antivirus and anti-malware software up to date to ensure that they can detect the latest threats.

Back up your data regularly

Your data can be lost or damaged due to reasons other than cyberattacks: human error, hardware failure, or disasters both natural or human-made. Regularly back up your data so that you’ll be able to easily recover it should there be a need.

Educate and train your employees on cybersecurity best practices

Employees can be the weakest link in your company’s cybersecurity chain if they are not properly trained and educated. Phishing attacks and other social engineering techniques can easily fool them, leading to unauthorized access to systems. Well-trained employees would know their security responsibilities and be less likely to fall victim to cyberattacks.

Online security is essential for businesses to survive and thrive. That’s why it’s best to entrust your company’s cybersecurity to the experts at Online Computers. We’ll provide you with comprehensive security solutions that protect your IT network at all times. Get in touch with us today.

Keep all types of cyberthreats at bay by adopting our comprehensive cybercrime defense game plan. Download our free eBook today to learn how!Download here