A study released from the San Diego-based company CyberCatch reveals that more than 30% of U.S. small businesses have weaker security safeguards in place that can be exploited.

一份由位於美國聖地牙哥的公司 CyberCatch 所發布的研究指出，超過 30% 的美國小型企業使用的資安措施較弱，有被突破的危險。

After scanning for vulnerabilities in more than 20,000 randomly selected U.S. small businesses, CyberCatch found that around 1/3 suffered from spoofing while 28 succumb to clickjacking.

在掃瞄了隨機選取的超過二萬家美國小型企業的系統弱點後之後，CyberCatch 發現其中有 1/3 遭到了欺騙攻擊，而有 28% 受到了點擊劫持。

Spoofing occurs when a fake IP address is used to masquerade as an authorized device, with the goal of the tapping into a company's private system.

欺騙攻擊是藉由將一個虛假的 IP 位置偽裝成獲得授權的裝置，來藉此入侵進公司的私人系統中。

A clickjacking attack is a technique used to persuade a user to click on something that looks benign in their browser, when they're actually clicking on something malicious.

點擊劫持則是一種駭客技巧，說服用戶點擊一個在瀏覽器中看起來無害的連結，但實際上點擊的卻是帶有惡意的連結。

So what can you do about it?

所以該怎麼做才能解決問題呢？

For starters, running anti-malware software on a network's computer is not enough.

首先，只是在網路中的電腦裡運行防毒軟體是不夠的。

A hacker could still break through with a phishing attack or another mechanism and access sensitive data.

駭客仍能藉由釣魚攻擊或是其他手段來突破保安措施，並藉此獲取敏感資料。

Some of the best practices include identifying your vulnerable data.

其中的最佳做法之一包含識別出真正寶貴的重要資料。

Small businesses need to locate and identify their most valuable data and assets, keeping an inventory of their highest security needs.

小型企業需要存放並辨別出最寶貴的資料與資產，並將其存放在最高規格的安保環境下。

Then implement prevention, detection, and response cybersecurity controls.

接著要施行對網路安全控制的預防、偵測與反應。

Test your security, run frequent tests of all your systems, which includes websites, software and web applications,

測試你的安全環境、經常對所有的系統進測試，而這包括了網站、軟體與 Web 應用程式，

to locate any and all security vulnerabilities and patch them before cyber attacker finds them.

藉此來找出所有的安全漏洞，並在網路攻擊者發現他們之前及時補救。

Frequent training. Train your staff and train them often.

頻繁地進行訓練。訓練你的員工，而且頻率要高。

According to Cyber Security Intelligence, 90% of security breaches are caused by human error.

根據網路安全情報公司指出，90% 的安全性突破都是由人為疏失所導致的。

With these safeguards in place, businesses can be better positioned to fend off attacks coming their way and protect their and their customers' data.

有了這些預防措施，企業便能更好地抵禦網路攻擊，並保護好自己與客戶的資料。

Have a topic that you want Inc. to explain?

你有想要 Inc. 解釋的主題嗎？

Drop your suggestions in the comment section below and be sure to like and subscribe.

在評論欄中寫下你的建議吧。記得要按讚和訂閱喔！