Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

SME cybersecurity: high risk

1 February 2019 Information Security, Infrastructure

Small and medium-sized businesses are becoming more attractive targets for cyber criminals – both direct and also as a starting point for larger attacks across a supply chain. Unfortunately, these companies often lack the experts, systems and budgets to successfully withstand cyber-attacks. Meanwhile, today's business landscape means that any organisation can be potentially at risk, regardless of its size.

Many small and medium enterprises have already realised that they are exposed to the same dangers that affect large corporations. Unfortunately, such reflections often come after they have experience the attack.

According to the Cisco 2018 Security Capabilities Benchmark survey, more than half of all cyber-attacks (54%) have resulted in financial losses of over US$ 500 000.

Bearing in mind the scale of the threat, it is important for small and medium-sized companies to take appropriate steps to protect themselves and their clients and partners.

53% have experienced security breaches

The report ‘Small, but powerful’ by Cisco, concerning the cybersecurity of small and medium enterprises, presents information collected from 1815 representatives of the SME sector from 26 different countries. The study not only shows the landscape of threats to which ‘small and medium’ is exposed, but also presents tips on how they should defend themselves against attacks in the near future.

According to the report, 53% of respondents experienced a security breach in the last year. Often, these activities had a long-term negative financial impact: loss of income, customers, business development opportunities or additional repair costs

The most important data from the report

• 30% of companies in the SME sector stated that security incidents cost them less than $100 000, and 20% lost between $1 000 000 and $2 499 999.

• Small and medium-sized companies record about 5000 cybersecurity alerts per day.

• Companies from the SME sector analyse 55.6% of alerts related to cybersecurity.

• The most common types of attacks are those targeted at employees of companies, e.g. phishing (79%), advanced persistent threat attacks (77%), ransomware (77%), DDoS attacks (75%) and the spread of attacks using using the BYOD trend - Bring Your Own Device (74%).

Maximising the effectiveness of security measures

Increasingly, companies thoroughly analyse cybersecurity issues and invest in personnel and technologies that will allow them to face the growing scale of threats. In a situation where SMEs employ more specialists, they would most often invest in:

• Increasing the safety of endpoints by implementing more advanced anti-malware protection. This is the most common answer given by 19% of respondents.

• Improving the security of network applications - 18%.

• Implementation of anti-intrusion technologies as a key way to stop network attacks - 17%.

In comparison to organisations employing over 1000 people (i.e. those of enterprise class), companies from the SME sector rarely rely on solutions based on technologies such as machine learning or automation. Small and medium enterprises are looking for suppliers who integrate artificial intelligence and machine learning with existing solutions, instead of implementing new, additional projects. An example of a solution that enables this is Cisco Encrypted Traffic Analytics, which has implemented machine learning algorithms that detect malicious code in encrypted traffic without decrypting it.

Companies also take into account the solutions needed to maintain the current work environment, including constantly updating mobile devices connected to corporate networks and the growing importance of applications in the cloud. Adoption of the cloud has significantly increased in recent years: in 2014, 55% of companies in the SME sector maintained part of their network resources in the cloud; in 2017, this number increased to 70%. Companies scale resources and often take into account external security solutions, including those from managed security service providers.

Because small and medium-sized enterprises have problems recruiting experts responsible for cybersecurity, they need to maximise existing resources. Over half of these organisations entrust the preparation of a cybersecurity strategy to external companies. Often, they also outsource the development of responses to possible crises and security monitoring.

What is the recipe for SMEs?

Unfortunately, there is no miracle cure for cyber threats. Organisations can, however, take action to transform their company in terms of security awareness, which is made up of activities promoting network protection both at the employee and organisation level. They can also provide staff with knowledge that will allow them to recognise and avoid situations that may allow an attack to happen.





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From QR code to compromise
Information Security News & Events
A new attack vector involves threat actors using fraudulent QR codes emailed in PDF attachments to bypass companies' phishing security measures by requiring users to scan the code with their mobile phones.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
Threats, opportunities and the need for post-quantum cryptography
AI & Data Analytics Infrastructure
The opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. The evolution of quantum computing jeopardises the security of any data available in the digital space.

Read more...
Vodacom Business unveils new cybersecurity report
Information Security IoT & Automation
Cybersecurity as an Imperative for Growth offers insights into the state of cybersecurity in South Africa, the importance of security frameworks in digital resilience and the latest attack methods adopted by cyberattackers.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
Axis introduces ACS Edge and cloud storage
Axis Communications SA Surveillance Infrastructure Products & Solutions
Axis Communications has launched two new solutions within the AXIS Camera Station ecosystem, AXIS Camera Station Edge (ACS Edge) and AXIS Camera Station Cloud Storage (ACS Cloud Storage).

Read more...
Know who’s spying on you
Kaspersky Information Security Products & Solutions
According to the latest State of Stalkerware report, 40% of the people surveyed worldwide stated they have experienced stalking or suspect they are being spied on. A solution for Android is now available.

Read more...
Cybersecurity needs 4,7 million professionals
Information Security
Despite all the efforts organisations worldwide put into preventing cyberattacks, global cybercrime has snowballed to $9,2 trillion in 2024 and is expected to grow by another 70% to $15,6 trillion by the end of a decade.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.