JoAnn Laing's Blog - All About Small Business

Cyberattacks have increased in frequency and maliciousness, including phishing, ransomware, and distributed denial of service attacks against networks. Growing cyber threats to business reputation, operations, and intellectual property theft can impact your business’s ongoing viability.

Businesses of all sizes and sectors need increased cyber security diligence.  While larger enterprises have more data and often greater ransom demands, smaller business systems are usually easier to breach by hackers or bad actors.

To lower your risk of being hacked, everyone should take into account the following cyber hygiene guidelines:

• Have a risk management plan that examines particular requirements and vulnerabilities as well as facilitates incident response. Your plan should cover the ramifications of new technologies such artificial intelligence and their potential use in cyber protection.
• On a regular basis, follow release dates, patches, and upgrades on your operating system, networks, and devices.
• Make sure your passwords are strong and not easy to guess; mandate passwords should have at least 8 characters with least one capital letter, one number and one special symbol.
• Include authentication, for most sensitive access you should use biometrics.
• Consider using strong encryption on sensitive date, preferably quantum-resistant.
• Use Identity Access management and a Zero Trust approach; know what people and devices are in your business networks and what user privileges each person has.
• All employees should be educated and reeducated on an annual basis with quarterly reminders about how to use social media responsibly and stay alert to phishing attempts. Note: employees are the #1 risk for your business’s cyber security.
• Regularly back-up your sensitive business data. Think about keeping a copy of the information on a machine that is not in your business network.
• All the employees should stay clear of public networks, and if you must use one then use a VPN.
• If your business lacks the knowledge to manage the above cyber security measures, then consider using a Managed Security Service Provider (MSSP) or Managed Service provider (MSP) who can assess, upgrade, and safeguard your business’s cyber assets.

It is not just cyber hygiene that is important, but also having a strategy to stay secure and be resilient.

• Take a risk management approach. Be proactive: be alert, train staff, discover gaps in your business’s security, and mitigate vulnerabilities to reduce risks. Owners and responsible managers should be familiar with the guiding principles of the National Institute of Standards and Technology (NIST) framework: Identify, Protect, Detect, Respond, Recover.
• Now that generative artificial intelligence and machine learning tools are increasingly in use and sophistication by attackers and defenders alike, it is important to consider all components (people, technologies, procedures, and policies) of cyber security.
• The foundation of cyber security is communication. Business owners and management must coordinate their objectives, work together, and evaluate the businesses information security programs, controls, and network safety on a regular basis. Preparedness comes from the exchange of threat intelligence and innovative security advances, plus it is essential that all people using the systems receive security awareness training.
• Effective cyber security needs expertise. If your business does not have it internally, find reliable help outside. Owners and managers can always benefit from outside knowledge, opinions, and suggestions. Areas of special expertise should include policy, cyber security technology solutions and services, training, legal compliance, liability insurance, and governance.
• New cyber technologies such as artificial intelligence, 5G, cloud and edge computing, and quantum computing are impacting the landscape. It is important to understand and use them in defense of your business.

Cyber security is becoming more sophisticated, plan and act now to defend your business from cyber-attack.

Cyber Security

Cyberattacks have increased in frequency and maliciousness, including phishing, ransomware, and distributed denial of service attacks against networks. Growing cyber threats to business reputation, operations, and intellectual property theft can impact your business’s ongoing viability.

Businesses of all sizes and sectors need increased cyber security diligence.  While larger enterprises have more data and often greater ransom demands, smaller business systems are usually easier to breach by hackers or bad actors.

To lower your risk of being hacked, everyone should take into account the following cyber hygiene guidelines:

• Have a risk management plan that examines particular requirements and vulnerabilities as well as facilitates incident response. Your plan should cover the ramifications of new technologies such artificial intelligence and their potential use in cyber protection.
• On a regular basis, follow release dates, patches, and upgrades on your operating system, networks, and devices.
• Make sure your passwords are strong and not easy to guess; mandate passwords should have at least 8 characters with least one capital letter, one number and one special symbol.
• Include multifactor authentication, for most sensitive access you should use biometrics.
• Consider using strong encryption on sensitive date, preferably quantum-resistant.
• Use Identity Access management and a Zero Trust approach; know what people and devices are in your business networks and what user privileges each person has.
• All employees should be educated and reeducated on an annual basis with quarterly reminders about how to use social media responsibly and stay alert to phishing attempts. Note: employees are the #1 risk for your business’s cyber security.
• Regularly back-up your sensitive business data. Think about keeping a copy of the information on a machine that is not in your business network.
• All the employees should stay clear of public networks, and if you must use one then use a VPN.
• If your business lacks the knowledge to manage the above cyber security measures, then consider using a Managed Security Service Provider (MSSP) or Managed Service provider (MSP) who can assess, upgrade, and safeguard your business’s cyber assets.

It is not just cyber hygiene that is important, but also having a strategy to stay secure and be resilient.

• Take a risk management approach. Be proactive: be alert, train staff, discover gaps in your business’s security, and mitigate vulnerabilities to reduce risks. Owners and responsible managers should be familiar with the guiding principles of the National Institute of Standards and Technology (NIST) framework: Identify, Protect, Detect, Respond, Recover.
• Now that generative artificial intelligence and machine learning tools are increasingly in use and sophistication by attackers and defenders alike, it is important to consider all components (people, technologies, procedures, and policies) of cyber security.
• The foundation of cyber security is communication. Business owners and management must coordinate their objectives, work together, and evaluate the businesses information security programs, controls, and network safety on a regular basis. Preparedness comes from the exchange of threat intelligence and innovative security advances, plus it is essential that all people using the systems receive security awareness training.
• Effective cyber security needs expertise. If your business does not have it internally, find reliable help outside. Owners and managers can always benefit from outside knowledge, opinions, and suggestions. Areas of special expertise should include policy, cyber security technology solutions and services, training, legal compliance, liability insurance, and governance.
• New cyber technologies such as artificial intelligence, 5G, cloud and edge computing, and quantum computing are impacting the landscape. It is important to understand and use them in defense of your business.

Cyber security is becoming more sophisticated, plan and act now to defend your business from cyber-attack.

Cyber Security

Cyberattacks have increased in frequency and maliciousness, including phishing, ransomware, and distributed denial of service attacks against networks. Growing cyber threats to business reputation, operations, and intellectual property theft can impact your business’s ongoing viability.

Businesses of all sizes and sectors need increased cyber security diligence.  While larger enterprises have more data and often greater ransom demands, smaller business systems are usually easier to breach by hackers or bad actors.

To lower your risk of being hacked, everyone should take into account the following cyber hygiene guidelines:

• Have a risk management plan that examines particular requirements and vulnerabilities as well as facilitates incident response. Your plan should cover the ramifications of new technologies such artificial intelligence and their potential use in cyber protection.
• On a regular basis, follow release dates, patches, and upgrades on your operating system, networks, and devices.
• Make sure your passwords are strong and not easy to guess; mandate passwords should have at least 8 characters with least one capital letter, one number and one special symbol.
• Include multifactor authentication, for most sensitive access you should use biometrics.
• Consider using strong encryption on sensitive date, preferably quantum-resistant.
• Use Identity Access management and a Zero Trust approach; know what people and devices are in your business networks and what user privileges each person has.
• All employees should be educated and reeducated on an annual basis with quarterly reminders about how to use social media responsibly and stay alert to phishing attempts. Note: employees are the #1 risk for your business’s cyber security.
• Regularly back-up your sensitive business data. Think about keeping a copy of the information on a machine that is not in your business network.
• All the employees should stay clear of public networks, and if you must use one then use a VPN.
• If your business lacks the knowledge to manage the above cyber security measures, then consider using a Managed Security Service Provider (MSSP) or Managed Service provider (MSP) who can assess, upgrade, and safeguard your business’s cyber assets.

It is not just cyber hygiene that is important, but also having a strategy to stay secure and be resilient.

• Take a risk management approach. Be proactive: be alert, train staff, discover gaps in your business’s security, and mitigate vulnerabilities to reduce risks. Owners and responsible managers should be familiar with the guiding principles of the National Institute of Standards and Technology (NIST) framework: Identify, Protect, Detect, Respond, Recover.
• Now that generative artificial intelligence and machine learning tools are increasingly in use and sophistication by attackers and defenders alike, it is important to consider all components (people, technologies, procedures, and policies) of cyber security.
• The foundation of cyber security is communication. Business owners and management must coordinate their objectives, work together, and evaluate the businesses information security programs, controls, and network safety on a regular basis. Preparedness comes from the exchange of threat intelligence and innovative security advances, plus it is essential that all people using the systems receive security awareness training.
• Effective cyber security needs expertise. If your business does not have it internally, find reliable help outside. Owners and managers can always benefit from outside knowledge, opinions, and suggestions. Areas of special expertise should include policy, cyber security technology solutions and services, training, legal compliance, liability insurance, and governance.
• New cyber technologies such as artificial intelligence, 5G, cloud and edge computing, and quantum computing are impacting the landscape. It is important to understand and use them in defense of your business.

Cyber security is becoming more sophisticated, plan and act now to defend your business from cyber-attack.

All images by Freepik

Adding the next generation to your business can be the best or worst thing to happen. 

After decades when parents were finding it difficult to entice children to take over family businesses, recent years have seen a change.  Today, more sons and daughters are asking to join and run their family enterprises.  

In recent years, many children have seen first-up close your challenges and hours dedicated to growing the business and have said, ‘No, thank you’! But with the job market fluctuating for various reasons, more of the next generation is thinking that going into the family business might be best for them. 

Pitfalls must be considered and dealt with regardless of the motivations that impelled the change.  

But is it right for the business?   

The blending of personal relationships and family history can impact future business operations. If not managed correctly, past family issues can result in misunderstandings and resentment among family members and other employees. Identifying and addressing these challenges early can help pave the way for a more seamless leadership transition.   

There are various pros and cons to bringing on the next generation. 

Pros: 

• Keeping the business in the family, preserving, protecting, and/or passing on wealth. 
• The next generation may have learned about the business over a couple of decades through overheard conversations and/or perhaps summer/holiday/part-time employment. 

Cons: 

• Employees may fear nepotism. 
• Family members not involved in the business may not be happy. 
• The next generation may expect favoritism.  

The goal should be to create a succession plan that works for the next generation and, hopefully, for future generations. Here are some factors to consider: 

Getting the help of an experienced business law attorney is essential for the longevity and stability of the family-owned business. Key elements include understanding the dynamics of family relationships, defining governance structures, and implementing strategies for a smooth leadership transition. 

Understand succession in a family-owned business often involves more than transferring ownership. It includes preparing the next generation for leadership roles (through mentorship programs, formal training, and individual development plans) and managing the next generation’s expectations.  

Family dynamics can complicate succession, so open communication is critical. Establishing clear expectations early and addressing potential conflicts can reduce friction. Documenting the succession plan allows all family members to understand their roles and promotes transparency. 

Governance structures guide decision-making and enhance accountability in your family business. Updated by-laws and/or operating agreements may help mitigate conflicts by establishing rules for governance and succession. Regular family business meetings can support better communication and can foster cooperation. Further, the company should implement a board of directors composed of family and non-family members to provide diverse perspectives. This structure can support strategic planning and enhance your business’s viability and resilience. 

Medical and emotional dynamics, as well as history and baggage, need to be navigated. Key focus areas include family relationships and the interplay between personal aspirations and business objectives. Similarly, medical issues and/or chemical dependencies should be addressed in succession plans. 

Family relationships and business roles can complicate succession planning. Relationships often influence decision-making and perceptions of fairness. Clarifying roles within the business and establishing communication protocols are essential. Regular family business meetings and a process for conflict resolution are important. Agreeing on a structured approach helps manage disagreements; consider involving neutral third parties to provide an unbiased perspective during conflicts. 

Harmonize personal and professional goals, if/when possible. Family members may have unique visions for their future, which can clash with the business’s direction. Understanding these individual goals facilitates better planning, encourages alignment, and helps set realistic goals that satisfy personal and professional requirements. 

Developing a shared vision for the business can unify perspectives. Documenting this vision provides a reference point for future decisions. This approach fosters commitment to the business while respecting individual desires. 

Generational differences can lead to misunderstandings and misaligned expectations. Communicate across generations and address challenges to create a smoother transition and strengthen familial relationships. 

Further, different generations often hold varying perspectives on leadership, risk, and business operations. The older generation may prioritize accountability, stability, and tradition, while the younger generation might focus on innovation and change. To bridge this gap, the business should encourage family members to engage in purposeful dialogues to understand each other’s values and goals. Structured meetings, surveys, or feedback forms can also help gather input from all generations, making everyone feel involved. 

Foster open communication to navigate succession planning effectively. Encourage all family members to express their thoughts and feelings; this can help identify concerns early. Establish a culture of honesty, which promotes trust and collaboration. Establish regular family meetings. Set ground rules for respectful communication that allow differing opinions to be expressed without conflict. Consider utilizing mediators or facilitators to aid in addressing sensitive topics. Technology, such as group chats or collaborative platforms, can facilitate ongoing conversations and ensure that communication remains fluid across generations. 

Develop future leaders:  

Building a pipeline of capable leaders (related individuals and other employees) within a family business is essential. Having outsiders inspires non-family member employees and family members to up their game. 

• Establish mentorship programs to facilitate skill development. Businesses ensure knowledge transfer and leadership training by pairing younger family members and high-potential non-employees with seasoned leaders. 
• Involve in business operations to allow potential successors hands-on experience. This engagement fosters familiarity with processes and cultivates a strong sense of responsibility. 
• Support formal education and external training to provide educational opportunities; this enables family members and high-potential non-family members to acquire specialized expertise. 

By proactively developing leaders, family businesses can reduce uncertainty and better prepare successors for future challenges. 

How to set up succession success: 

• Begin with early planning, communication, and preparation of the next generation, plus consider benchmarking against the best in the industry.  
• Develop a comprehensive succession plan, including identifying potential next-generation successors (employees and outsiders), creating role profiles, and establishing training and development programs.  
• The plan for learning the business should include goals and timeframes. 
• Establish metrics to measure success; these should align with other employees. 
• Set up mentoring with existing executives and/or getting the advice of an outside coach. 
• Provide regular feedback. 
• Focus on building trust, setting clear expectations, and engaging all relevant stakeholders.  

What to do when succession plans are not working: 

• It is crucial to re-evaluate the plan, consider alternative options like ESOPs or strategic buyers, and seek external guidance from professionals.  
• Explain why it is not working for the next generation and try corrective action. 
• Address any conflicts within the family, like those related to ownership, wealth, or business structures. Mediation or advisory services can also be helpful to get back on track.  
• If still not working, work out a split, including help finding their next position. 
• Inform other employees of the next generation exit. 

The business is part of your legacy.  Putting in the time, effort, and resources to do it right is essential. 

When everyone first started talking about AI for business and there were endless possibilities seen also requiring endless tools to learn. The initial forays into AI often resulted in disappointing, inconsistent, or just not worth the time invested.
Fast forward to today, and while AI has become more powerful, many business owners are still struggling with tool fatigue and information overload.

Most approaches to integrating AI into business fall short—not because the technology is not capable, but because people either spread themselves too thin across dozens of tools (plus their everyday responsibilities) or do not know how to effectively use the right ones.  An analogy of using the wrong work tool for a job is using a saw to pound a nail – the result is less than optimal: you may cut yourself; it may take a long time; may not be pounded in straight or all the way; or fail completely.

Nevertheless there are many benefits to using AI, which include but are not limited to:

• Ideation, Innovation, New Possibilities
• Summation of Results
• Broader and More Detailed Research
• Enhanced Decision-Making
• Increased Productivity and Efficiency
• Improved Customer Service
• Enhanced Accuracy and Reduced Errors
• Provide Specific Applications (improved diagnostics, personalization, etc.)

How to proceed

When selecting AI tools think about what you are trying to accomplish.  Select the best tool for the job.  Be specific with how it is used.  Then carefully and fully verify results.

At this time, pairing AI with a human is the best approach for your business to increase productivity plus save time and money.  Businesses using AI are outperforming those who do not use AI.  If your business is not using AI start using it today.

Attribution of above 3 images: Craiyon

In my many readings, I came across The Ultimate AI Tools Guide for Entrepreneurs that was put together by techunited new jersey (see below). It may help you and your business select some tools to start with and perhaps become aware of tools and functional areas you have yet to apply AI.

The Ultimate AI Tools Guide for Entrepreneurs Keeping up with AI can feel like a full-time job.   New tools pop up daily, but which ones are actually worth your time (and budget)?   We’ve sorted through the noise to bring you the best AI tools across seven key business functions — ones that are practical, easy to use, and deliver real results. Transcription & Summarization Tools Financial Forecasting Tools Market Research Tools Copywriting Tools  Social Video Editing Tools Proofreading Tools  Presentation Tools