Whatever the size of your business, whether you’re a solo entrepreneur or a thriving small or medium enterprise, being on guard against cyber security is vital to safeguarding your operations.

Figures from the 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) compiled by Ponemon Institute LLC show that more than one in two (61%) of businesses fell victim to cyber crime and more attacks were reported than in the previous year. With the threat growing, here are the four biggest cyber security threats that you should be aware of and guarding against:

Threat 1: The Internet of Things (IoT)

While the Internet of Things has represented a huge leap forward in many instances and increased convenience and capability across a number of everyday tasks, it has also increased the threat of cyber attack. If your business makes use of IoT technology, such as to gather client information or automate a process, be aware that your device is a potential gateway for hackers and attackers.

As with any connected device, you’ll need to have security protocols in place to ensure data is kept secure. A simple first step is to change the default password when you set up the device up initially. If you have a device that includes functions or connections you won’t use, make sure they are disabled to limit the threat of cyber attack.

Threat 2: Bring your own devices

If you have a bring your own device policy which allows your staff members (or even customers visiting your premises) to connect to your network, be aware that there is a risk of cyber attack. Malware, viruses and spy ware can easily make its way into your systems from an infected device. The prospect of a cyber attack will increase with the number of devices accessing your system each day. Key to fighting this threat is ensuring that you have a culture of cyber security awareness and very clear security guidelines for those connecting their own device to your own Wi-Fi or other systems.

Threat 3: SQL Injections

Your website is potentially an open door for cyber security attacks and SQL Injections are one of the biggest risks. An SQL Injection allows a malicious third party to tamper with the database which powers your site or web app. This can lead to a host of problems such as data theft. Guarding against SQL Injections requires a proactive and technology-driven approach. You should approach any submitted user data with caution and install a web app firewall as first steps.

Threat 4: Malware

Malware isn’t one of the most sophisticated cyber attacks you’ll face but it is incredibly prevalent. Malware is a blanket term for software which is installed to perform unwanted tasks. It can infect your systems after being received as an email attachment or by visiting an infected website and could take the form of bots, spyware or Trojans making its implications widespread. Your first line of defense is strong anti-virus software along with firewalls and firmware.