How? With training and security policies.
Create a security culture and train your employees with a Security Policy. Train the employees to ensure they understand the security policy
Here is a page at Fixvirus.com that discusses how to start a security policy:
Also at the US Chamber of Commerce
Here is relevant text from Chamber of Congress:
A majority (60%) of small businesses say cybersecurity threats (phishing, malware, ransomware) are a top concern. A majority also say that supply chain breakdowns (58%) and another pandemic occurring in the future (54%) are top concerns. Less than half of small businesses say they are concerned about inclement weather (45%), theft (42%), natural disasters (39%), or an act of terrorism (37%).
Past experience with the COVID-19 pandemic may be increasing small businesses’ confidence that they can handle any new pandemic that emerges. A majority of small businesses say they are more prepared to handle a pandemic than they were before COVID-19 (83%). Most small businesses also say they are adequately prepared for future threats (71%).
Four in five (80%) small businesses say they have a clear idea of how to change their business if it starts to struggle, levels that are up 13 percentage points from Q4 2020 (67%), but six points under Q2 2018 levels (86%). Additionally, compared to 2018, small businesses are much less likely to strongly agree (24% in Q1 2024, 52% in Q2 2018) that they have a clear idea of how they would need to change their business if it started to struggle.
An example of a security policy section about social engineering in the store only $49. No need for you to create a security policy section on social engineering.
Here is a helpful aid image from one of my previous posts on this website about Business email compromise:
The idea is to give your employees a leg up on combating the constant social engineering attacks or calls(vishing), texts(smishing),or emails (phishing).