At a Chief Executives Information security event recently, experts from the FBI and the Secret Service walked us through how criminals sell stolen credit card numbers in the “darknet” - sometimes referred to as the “invisible web” because it is not indexed by search engines like Google and is often inaccessible to most internet users. This large, muscular detective impersonating an online attacker clicked through a slick interface, with Amazon.com-style widgets, cart, and discounts for bulk purchases. “Success! Purchased 100 stolen credit card numbers.” That is according to a firsthand account from James Kilpatrick, president of NAI Northern California. Kilpatrick tells GlobeSt.com that it reminded him of Edward Snowden or Silk Road's infamous Ross Ulbricht. “Darknets are hidden networks on the internet used by 'carders' who deal in stolen credit cards and other black market transactions like zero-day exploits.”

The views expressed in the column below are the author's own.

I found myself checking my own pocket where my credit cards lie. Then I thought about the mainframes, Dropbox accounts, and client data stored at our real estate offices.

A typical breach includes multiple attacks spanning not just diverted funds, but sale of private data, possible extortion, likely lawsuits by clients that have been compromised, and thus many millions and countless hours in cost. So what can we do to avoid falling prey to this world without spending hours understanding jargon, and engaging digital forensics experts?

Security breaches have nearly become a daily news feature. Attacks range from opportunistic, low-level drive-by hacks to sophisticated state-sponsored data breaches and corporate espionage. The former is entirely preventable and the good news is your company is not a target for the latter.

The bad news: attackers always have the advantage. As a business owner you must protect 100% of your assets while attackers only need to find one vulnerability to compromise all that you've worked for. In fact it's likely that your computer has some malicious software on it now which could be anything from commodity malware to the far more nefarious remote-access Trojans used by state-sponsored hackers for corporate espionage.

The good news: your data is of little value and hackers aren't very interested in your data. Seriously, we're flattering ourselves. They want big scores of marketable data, so millions of credit card and social security numbers (SSNs). Identities including SSNs sell for between $5-$50 each on the black market, meaning the information you keep on your clients, especially in volume, is far more valuable than your personal information.

What can you do to protect yourself? All is not hopeless. Many attackers are lazy, and you just need to be faster than the slowest gazelle to survive on the digital savannah day-to-day.

Assess your risk – Where do you keep your data, and who hosts your website, blog and email? Find out what security measures they are taking on your behalf and whether there are additional security controls they can offer you. If you are hosting your own IT services like email and blog – STOP – there are cloud services for everything you need. It is more secure and cost-effective to use hosted services.

Password security – Usernames and passwords are the de facto standard for authentication, or granting access to a system. Password guessing, or brute forcing, is one of the top techniques hackers use. Here are a few tips for securing your password:

Use a password manager like 1Password, KeePass or LastPass. Password managers allow you to create long random passwords, and you only need to remember one strong password to your “password vault.”

Do not use the same password for multiple sites.

Length increases entropy and is far more important than complexity. A sentence, even all lower case, is stronger than a short memorable password.

Use 2-factor authentication where possible. Google Authenticator is a smartphone application that will allow you to use a code with your password.
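To put numbers on the length-versus-complexity tip, the Python sketch below is an added example, not part of the original column. It estimates guessing difficulty in bits as length × log2(alphabet size) and also generates a random passphrase; the word list and sample passwords are constructed for illustration, and the 7,776-word figure is the size of a standard Diceware list.

```python
import math
import secrets
import string

# Character classes an attacker must cover when brute forcing (sizes in comments).
CLASSES = {
    "lower": set(string.ascii_lowercase),   # 26
    "upper": set(string.ascii_uppercase),   # 26
    "digit": set(string.digits),            # 10
    "symbol": set(string.punctuation),      # 32
    "space": {" "},                         # 1
}

def pool_size(password):
    """Alphabet size implied by the classes the password uses (ASCII only)."""
    used = set(password)
    return sum(len(chars) for chars in CLASSES.values() if chars & used)

def brute_force_bits(password):
    """Upper bound on strength: length * log2(pool).

    Exact only if every character was picked at random; a sentence a person
    made up is more predictable, so treat this as a ceiling, not a promise.
    """
    pool = pool_size(password)
    return len(password) * math.log2(pool) if pool else 0.0

def passphrase_bits(n_words, wordlist_size):
    """Exact entropy of n words drawn uniformly at random from a word list."""
    return n_words * math.log2(wordlist_size)

def generate_passphrase(wordlist, n_words):
    """Pick words with the OS random source, never with random.choice()."""
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))

# Constructed sample list; a real list is far longer (Diceware has 7,776 words).
SAMPLE_WORDS = ["gazelle", "ledger", "harbor", "copper", "window", "meadow",
                "signal", "lantern", "orchard", "pebble", "thunder", "velvet"]

if __name__ == "__main__":
    for pw in ("P@ssw0rd", "my dog chews on the blue sofa"):
        print(f"{pw!r}: {len(pw)} chars, pool {pool_size(pw)}, "
              f"at most {brute_force_bits(pw):.1f} bits")
    print("6 random Diceware words:", f"{passphrase_bits(6, 7776):.1f} bits")
    print("example passphrase:", generate_passphrase(SAMPLE_WORDS, 6))
```

The short "complex" password tops out near 52 bits while the lowercase sentence has a ceiling near 138 bits, and six truly random words give about 77.5 bits that do not depend on the attacker being unaware of the method.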

Separation of Duties – Keep a separate laptop for “personal” use. At the risk of putting too fine a point on it – do not surf porn, gambling or other risky content on your work computer. There are many inexpensive options, such as Chromebooks or iPads, available for recreational computing.

Software Updates – Install software updates as soon as they are released. Most malware takes advantage of known vulnerabilities. Most breaches in the news could have been entirely avoided just by keeping software updated.

Stay in the know – Stay up to date with the vendors' services you use. It is simple to set up a Google alert for security incidents for your industry, your suppliers, and your vendors or partners.

On a more general level, know who to call during a security incident. Make a table of the measures you'll take depending on the severity of the attack. Have your response plan in writing ahead of time.


© 2024 ALM Global, LLC, All Rights Reserved.

Natalie Dolce

Natalie Dolce, editor-in-chief of GlobeSt.com and GlobeSt. Real Estate Forum, is responsible for working with editorial staff, freelancers and senior management to help plan the overarching vision that encompasses GlobeSt.com, including short-term and long-term goals for the website, how content integrates through the company’s other product lines and the overall quality of content. Previously she served as national executive editor and editor of the West Coast region for GlobeSt.com and Real Estate Forum, and was responsible for coverage of news and information pertaining to that vital real estate region. Prior to moving out to the Southern California office, she was Northeast bureau chief, covering New York City for GlobeSt.com. Her background includes a stint at InStyle Magazine, and as managing editor with New York Press, an alternative weekly New York City paper. In her career, she has also covered a variety of beats for M magazine, Arthur Frommer's Budget Travel, FashionLedge.com, and Co-Ed magazine. Dolce has also freelanced for a number of publications, including MSNBC.com and Museums New York magazine.