Cybersecurity for small to medium-sized companies is an evolving issue. Every year there are slight changes to the landscape of online security that means adjustments are required, but many threats—such as bad actors causing massive data breaches– are evergreen. It’s easy to get caught up in one type of threat, especially when risk for it increases in a short span. For example, there is a lot of focus on ransomware protection in the last few years due to its steady increase in volume and sophistication, but many other threats that don’t get as much attention are still very real.

It’s difficult for small business owners to keep up with every new cybersecurity concern. There’s attention focused on something new all the time, but here are a few threats that you can count on you and your managed IT services provider needing to pay attention for the foreseeable future.

Employee and User Error

Having updated, well implemented policies and practices regarding cybersecurity for your staff is essential. There is no way to guarantee employees will never make a mistake—they are human being and that’s okay. Having documented policy that employees are consistently trained on though will make a huge difference and greatly reduce the risk of incidents in the future. Employees leaving passwords out, plugging in unvetted hard drives, connecting to the wrong, insecure Wi-Fi network and more will always be a problem for cybersecurity. People will never be infallible, so it’s always best to plan for it.

Internet of Things Risks and Vulnerabilities

The Internet of Things refers to the many small household objects and devices with wireless connections that are popular these days. Light bulbs, refrigerators, microwaves, speakers, and more all have variations with enhanced wi-fi connected features. Unfortunately, many of these devices are weaker with regards to security and hackers can use them as a point of access to get into your systems. If your business has a physical location, keeping items like them to a minimum may be better than allowing them in your workspace. Furthermore, if employees work from home, you should ensure they have security practices they are using if they have these devices in the same place they are working. These devices continue to be a major target for hackers and bad actors, so this is a problem unlikely to go away anytime soon.

Phishing Attacks

The reality that phishing attacks are a low effort and low tech means to hacking, and yet it’s still pretty effective overall as a way for attackers to cause data breaches, means it’s unlikely to ever go away fully as a tactic. Keep up with the latest common phishing scams and attempts to swindle innocent folks. Emails, spammy websites, robocalls even…whatever new tactics they’re using—make sure your entire team is capable of spotting them and avoiding catastrophe.

These are some evergreen cybersecurity concerns you can bank on being relevant for a long time, regardless of what you see in the headlines on news sites.