CYBER-SECURITY THREATS have continued growing. In fact, they ramped up during 2020, and the trend according to experts is that the risks will continue to grow at an exponential rate.

And small to mid-sized firms that think they will fly under the radar of cyber threats are sadly mistaken, as they are usually easier pickings for criminals. Worse yet, one incident could put a firm out of business.

To protect your company from attack, here are three cyber-security threats you should prepare for now.

Ransomware attacks

In a ransomware attack, hackers access your data and hold it hostage until you pay some type of ransom. This means business owners have to choose between losing their data or paying a hefty sum.

Ransomware is usually delivered through phishing e-mails that appear legitimate at first glance.

The e-mail generally includes an attachment or link containing malicious code and once an unsuspecting employee clicks on it, they unleash the code first into their workstation and later into your network.

To protect against ransomware, the Small Business Administration
recommends that you and your staff:

  • Verify web addresses before clicking on e-mail attachments.
  • Don’t give out confidential information about your company
    to unsolicited callers.

  • Don’t give out company financial information over e-mail.

Man-in-the-middle (MITM) attacks

These are relatively new attacks when cyber criminals intercept and alter incoming traffic. Once intercepted, the hackers redirect the victim’s browser to a malicious website where they can steal and even change sensitive information.

These MITM attacks are usually initiated by malware.

The best way to combat MITM attacks is by using some type of endpoint authentication to make it harder for hackers to intercept traffic.

For instance, passwords are becoming increasingly unreliable, so two factor identification methods (like a text message with a secret code being sent) can provide additional security.

Lack of awareness

Ninety percent of the time when hackers gain access to a company’s database and network, it’s due to human error, typically after an employee clicks on a link or opens a malicious attachment to an e mail, unleashing the attack.

Other ways criminals gain access include when an employee leaves a laptop in an unsecured location, or they send sensitive company information to an unintended recipient.

Train your employees on cyber-security best practices:

  • Use strong passwords and change passwords regularly.
  • Never install unauthorized software.
  • Avoid using public WiFi on work laptops or devices.
  • Don’t leave a laptop unattended in a public place.

The final backstop

As threats have evolved, so have insurance products – data breach insurance and cyber liability insurance – and even they will vary in terms of coverage from one insurer to the next.


This will cover your business if you have a breach of personal identifiable information or personal health information is lost or stolen. Policies will usually cover:

  • Costs of notifying affected customers, patients or employees.
  • Costs of hiring a public relations firm.
  • Costs of credit monitoring services to data breach victims.
  • Some policies include extortion coverage for ransomware attacks.


  • Legal services.
  • Notification expenses to alert affected customers and employees
    that their personal information was compromised.

  • Extortion paid to recover locked files in a ransomware attack.
  • Lost income from a network outage.
  • Lawsuits related to customer or employee privacy.
  • Regulatory fines.

Get a Quote

If you’re looking for a team of specialists who can help your cannabis business navigate state laws and regulations like this, contact Cannabis Connect today for a free quote.