Cybersecurity Awareness Month 2025 is here, and it’s an ideal time for Utah small businesses and families to strengthen their digital defenses. Cyber threats aren’t just a big-city problem or something only large companies face – even in Utah, nearly 6,877 cybercrime incidents were reported in 2024, with over $129.4 million in losses1wirefiber.com. Small businesses are especially at risk: 70% of small businesses are targets, and 60% of them go out of business after a major cyber attack.
These sobering statistics underscore why staying cyber-safe is so critical. The good news is that small actions can make a big difference in protecting your data. This Cybersecurity Awareness Month, let’s look at five practical tips – inspired by national best practices and local Utah needs – to help keep your business and family safe online.
1. Use Strong, Unique Passwords
Weak or reused passwords are like leaving your office door unlocked. In fact, 80% of hacking incidents involve stolen or weak passwords. To protect your accounts, ensure that everyone in your business (and household) uses strong, unique passwords for each login. A strong password is long (12+ characters) and mixes letters, numbers, and symbols. Avoid anything easy to guess (no pet names or “123456”).
Because it’s impossible to remember dozens of complex passwords, use a reputable password manager to generate and securely store them. This way, each user only needs to remember one master password while all their individual passwords remain unique and hard to crack. By eliminating password reuse and embracing stronger credentials, you close the door on one of the biggest security holes in both home and business cybersecurity.
Q: What if someone does steal a password?
A: That’s where our next tip comes in – multi-factor authentication will save the day even if a password is compromised.
2. Enable Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) adds an extra verification step (like a code from your phone or a fingerprint) when logging in, and it’s one of the simplest yet most effective security measures you can take. According to Microsoft, MFA can prevent 99.9% of account hacks. Unfortunately, many businesses haven’t caught up – only about 20% of small businesses use multi-factor authentication on their accounts. Enabling MFA on email, banking, cloud storage, and other critical accounts means that even if hackers steal a password, they still can’t get in without that second factor.
For your team at work, require MFA on business apps (most services like Microsoft 365, Google Workspace, and banking platforms support it). At home, turn on two-factor authentication for things like social media, online shopping, and personal email. It’s a quick step that dramatically boosts security with minimal inconvenience. In short, don’t rely on passwords alone – lock down your logins with MFA.
3. Beware of Phishing Scams
Phishing scams – those deceptive emails or texts that try to trick you into clicking a bad link or revealing sensitive info – remain one of the most common ways cybercriminals target Utah organizations and families. In nearly all major cyber incidents, the entry point is a human mistake, like a misplaced click. In fact, studies show 95% of cybersecurity breaches are caused by human error, and employees at small businesses experience 350% more social engineering attacks (like phishing) than those at larger companies. The lesson is clear: stay vigilant and educate your people.
Train your employees (and remind your family members) on how to spot phishing red flags. Common phishing red flags include:
- Mismatched or strange sender addresses (e.g. an email claiming to be from your bank but coming from a Gmail account).
- Urgent or threatening language pressuring you to “act now” or else face consequences.
- Requests for sensitive information like passwords, bank details, or social security numbers via email.
- Unsolicited attachments or links, especially if the message content is odd or unexpected.
Whenever you encounter a suspicious message, pause and think. Don’t click links or download files unless you’re sure of the source. It’s perfectly okay to verify the request through another channel – for example, call the company or person directly to confirm if they really sent that email. Creating a culture of “trust but verify” at work and at home will greatly reduce the chance that a phishing email sneaks past your defenses. During Cybersecurity Awareness Month, consider running a quick phishing awareness training or even a fun quiz for your staff or family – it can be an eye-opener and empower everyone to be your first line of defense.
4. Keep Your Software and Devices Updated
When your computer or smartphone nags you about a software update, don’t ignore it! Cybercriminals often exploit known flaws in outdated software – and if you haven’t installed the fix (patch), you’re basically leaving a window open for intruders. A striking statistic: 60% of data breaches involve a known vulnerability that had a patch available but was never applied. In other words, more than half of breaches might have been prevented by a routine update. Whether it’s your office PCs, a point-of-sale system, or your family’s laptops and tablets, make sure all operating systems, applications, and antivirus programs are kept up to date.
Practical steps: Turn on automatic updates wherever possible, so you get security patches as soon as they’re released. Set aside time (at least monthly) to manually check for updates on critical business systems that might not auto-update. This includes not just computers, but network equipment like your Wi-Fi routers and any smart devices (IoT) in the office or home. By keeping everything current, you greatly reduce the risk of known exploits. It’s like fixing the locks on your doors as soon as a weakness is discovered. The effort is minimal, but the payoff – avoiding a breach – is huge.
5. Back Up Your Data Regularly
Imagine the worst-case scenario: a ransomware attack locks all your business files, or a malware infection wipes out your family photos. Would you have copies of that data to restore from? For too many people, the answer is no. In a recent survey, nearly 40% of small businesses said they lost crucial data due to a cyberattack. And the stakes are high – 75% of SMBs would not be able to continue operating if hit by ransomware locking up their systems. Regular data backups are your safety net against such disasters.
For businesses, identify your critical data (customer records, financial info, important documents) and set up an automated backup system. Follow the 3-2-1 rule if possible: keep 3 copies of your data (1 primary and 2 backups), on 2 different media (for example, cloud storage and an external hard drive), with at least 1 of those copies stored offsite or offline. This ensures that even if one backup is compromised (or the building burns down), you have another safe copy. Test your backups periodically by attempting a file restore – you don’t want to find out too late that your backup file was corrupt or incomplete.
Families should also back up important things like photos, personal documents, or kids’ schoolwork. Using a cloud backup service or an external USB drive can save priceless memories from being lost. The goal is to be able to recover quickly if something goes wrong. When you have reliable backups, a cyber incident changes from a potential catastrophe to a manageable IT hiccup. You can wipe infected machines, restore your data, and get back to business (or life) with minimal interruption.
Stay Safe with a Little Help from the Experts
Cybersecurity Awareness Month is a reminder that even here in Utah, cyber threats are very real – but it’s also a reminder that we’re not helpless against them. By taking these five steps (strong passwords, MFA, phishing awareness, updates, and backups), you can prevent the vast majority of common attacks and protect what matters most, be it your business or your family. Cybersecurity is an ongoing effort, not a one-time project, and it’s normal to feel a bit overwhelmed by the technical side of it.
The encouraging news is you don’t have to tackle it alone. As a local Utah business owner, you have access to professional IT support right in your community. If you ever need guidance or an extra set of hands implementing these cybersecurity measures, consider reaching out to our team at Crossaction Business IT Solutions. We’ve helped Utah companies and households fortify their cyber defenses with custom solutions and friendly expert advice. Whether it’s setting up a secure backup system, providing staff training, or managing network security 24/7, Crossaction is here to help you every step of the way.
This Cybersecurity Awareness Month, let’s commit to staying safe online. Small businesses are the backbone of Utah’s economy, and families are the heart of our community – protecting them from cyber threats is worth the effort. Stay vigilant, stay informed, and don’t hesitate to seek professional help when you need it. With the right practices (and partners) in place, you can focus on growing your business and enjoying your digital life with confidence, knowing that you’ve built a strong defense against whatever cyber threats come your way.