During Cybersecurity Awareness Month, Attorney General Todd Rokita is alerting small businesses to rising cyber threats and providing tips for them to protect themselves and their customers. 

“Cybercriminals view small businesses as easy targets and look for any weaknesses they may have in their security systems,” Attorney General Rokita said. “It’s critical for small business owners to have safeguards in place to protect their data and customers’ personal information.” 

Making sure any Hoosier business has the appropriate cybersecurity controls has become a necessary step in today’s economy. The average cost incurred by a business from a data breach is now more than $4 million, and approximately 40% of small businesses worldwide have reported losing essential data due to cyber-attacks. 

According to the US National Cyber Security Alliance, 60% of small businesses that suffer a cyber-attack go out of business in less than a year. 

To keep your small business and consumers protected, Attorney General Rokita encourages Hoosiers to follow these tips: 

  • Train employees in security principlesEstablish basic security practices and policies for employees, such as requiring strong passwords.  
  • Passwords and authenticationRequire employees to use unique passwords and change passwords regularly. Consider implementing multi-factor authentication that requires additional information beyond a password to gain entry. 
  • Protect information, computers, and networks from cyber-attacks. Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.  
  • Provide firewall security for your Internet connectionA firewall is a set of related programs that prevent outsiders from accessing data on a private network.   
  • Make backup copies of important business data and information. Regularly backup the data on all computers.  
  • Secure your Wi-Fi networksIf you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden.   
  • Employ best practices on payment cardsWork with banks or processors to ensure the most trusted and validated tools and anti-fraud services are being used.  


The Attorney General’s Office is responsible for enforcing the Disclosure of Security Breach law to better protect Hoosiers from identity theft. If a business has a breach, they are required to inform their customers that their personal information in jeopardy.

If you believe you are a victim of a security breach, please fill out this form here and email it to DataBreach@atg.in.gov

For more information, visit indianaconsumer.com or call (800) 382-5516.