The rising reliance on social media platforms like Facebook, Instagram, and others for business promotion and sales is evident. Yet, this digital evolution comes with a hefty downside for small business entrepreneurs: heightened cybersecurity risks.

Let me share the story of Pat Bennett, a Cleveland-based entrepreneur. Bennett had built a significant portion of her granola business on Instagram. Yet, as she navigated the dual pressures of rising ingredient costs, her business took another hit. Through what seemed like an innocent interaction with a known contact on Instagram Messenger, Bennett was lured into a scam. This resulted in the loss of access to her business accounts on Meta’s platforms. The scam’s origins are traced back to Europe, but the damage was done. The cybercriminals demanded nearly $10,000 to restore her account access. Pat, however, refused.

Sadly, this is far from an isolated incident. 

Recent surveys by CNBC indicate that while many small business owners underestimate the risk of cyberattacks, the FBI paints a different picture. In 2021, their Internet Crime Complaint Center logged over 800,000 cyber-related complaints, with losses nearing $7 billion. The primary victims? Small businesses.

Also Read: Emerging AI Tools Raising Cybersecurity Concerns

Despite these alarming trends, many small business owners feel platforms like Meta aren’t doing enough. Although Meta does emphasize its ongoing efforts to counter malicious activities and malware threats, the growing number of incidents tells another story.

As small businesses leverage platforms like Instagram and Facebook for marketing and growth, cybercriminals see opportunity. 

While the digital threat landscape might seem daunting, experts argue that the key defense measures are relatively straightforward. Most business owners fail to utilize in-built security measures on these platforms, such as two-factor authentication. Implementing strong password practices, favoring length over intricacy, and using business-specific password management tools can also make a huge difference.

Yet, the broader digital space remains, for the most part, a wild west. Tech behemoths’ lax security practices haven’t gone unnoticed by the U.S. government’s main cybersecurity body, the Cybersecurity and Infrastructure Security Agency (CISA). CISA’s leadership urges these giants to prioritize security in their products, advocating for inbuilt safety measures. However, tangible support for small businesses remains scarce, as the agency doesn’t regulate small business-specific software.