Risks due to cyber security are increasing day-by-day. 2020 was a year that recorded a lot of cyber attacks happening at federal offices in Canada as a result of which several government services were disabled.

The small business community was not spared either and was also a target of cyber attacks Since these businesses typically have unprotected data and poor cyber security systems in place, they are increasingly vulnerable to data loss. For instance, mobile phones and IoT devices commonly used in offices can easily be hacked and the data breached.

It is in these situations that cyber liability insurance proves useful in addition to having a business insurance Canada policy.

Severity and extent of the cyber attacks

The growing footprint of large-scale, well-publicized breaches indicates that the number and severity of security breaches is increasing.

Across Canada most businesses have experienced some form of phishing and social engineering attacks and feel that cyber security risks are increasing. This is alarming because a data breach exposes the sensitive information of your clients and leaves them vulnerable to the risk of identity theft, ruins your unblemished reputation and makes you liable for violation of compliance regulations.

Even other instances of cyber security risks such as hacking, malware, ransonware, phishing, social engineering, or enterprise infections can cost you millions of dollars and burn a big hole in your pocket. A devastating cyber attack can make your business come to a standstill, or it could even be the end of your business enterprise.

Some best practices in cyber security for small business owners that can be easily deployed

It is quite ironical that even though cyber attacks can disrupt your business, steal the confidential personal and financial information of your clients, harm your business reputation and lead you to financial losses, only a very small percentage of business owners have their folders properly protected against data breaches.

And from within this group, even fewer realize the significance of cyber liability insurance. While most are coved under business insurance Canada, the coverage from risks arising from cyber attacks still has to be done.

Experts point out that most breaches are either financially motivated, or motivated by espionage.

They have recommended a set of non-exhaustive, simple and practical cyber security best practices that can help small business owners in Canada to protect their data, preserve personal and financial information of their clients and decrease the risks of cyber-related threats.

Awareness, education and training on cyber security

Before anything else, it is a best practice to conduct an in-house session with your employees to sensitize them to the ricks of cyber attacks and the importance of adopting cyber security measures in their day-to-day work.

Such a cyber security awareness, education and training can also equip them to detect and respond to cyber security incidents.

Protecting devices against cyber attacks

Keep the devices in your organization protected from viruses and malware. For this, it is recommend that you install reputed anti-virus and anti-malware software on your computers and ensure that it is updated regularly. You may program the software to automatically auto install itself as soon as new updates are available.

Always keep a back up of your data

Experts are of the view that in order to enhance privacy and security, it is a best practice to back up all files to external hard drives that are ideally not connected to the internet. Storing data in this form reduces the risk of protecting data from potential cyber security incidents and minimizes the risks from malware damaging personal and financial data.

Passwords should be strong and changed periodically

As far as possible encourage your employees and colleagues to create strong passwords and change them periodically. Such a best practice minimizes the risk of hackers gaining unauthorized access into your systems and networks. An example of a strong password is a phrase containing random words, letters, numbers and symbols that can be safely used in your systems and other online platforms.

Wi-Fi networks should be secure and separate for guests

It is a best practice to have a secure Wi-Fi network for your employees and login credentials for the same should be updated on a regular basis. Any guests who arrive at your offices should be provided access to a guest network. This will add an extra layer of privacy and cyber security by preventing said visitors from accessing your employee network and private or personal information. Employees working from home can use a VPN network to have a secure access to your company’s network.

Use only a secure system for making payments

Assess the security tools and anti-fraud services used at various banks and choose the bank that uses the best. It is worthwhile to keep your payment systems isolated from other systems in order to void the risk from malicious cyber security breaches.

Secure your internet with a firewall

Having a firewall over your internet provides you additional security.

A firewall is a set of related cyber security programs that prevent outsiders from accessing data on your private network. As a best practice you must always keep your operating system’s firewall enabled and properly configured in order to minimize risks from cyber attacks.

Employees working from home should be encouraged to check their internet systems and ensure that there is a high level of cyber security in their systems and they are secured by a firewall.

Limit the access of people to computers and devices

Experts recommend creating a user account for each employee of your company, but giving admin rights only to a few trusted IT staff and key people. They also recommend restricting the physical access of your employees to computers and devices and ensuring that that mobile devices and laptops are locked and protected by strong passwords.

All these steps are done to ensure data privacy and protection.


Due to the increasing number of cyber attacks, business owners in Canada are slowly, but surely understanding the significance of cyber liability insurance. While this realization will still take some time to pick up, it is a good idea until then to secure your small business from cyber attacks by implementing the above recommend best practices.