classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn

Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018

SME cybersecurity: high risk
February 2019, Cyber Security, IT infrastructure

Small and medium-sized businesses are becoming more attractive targets for cyber criminals – both direct and also as a starting point for larger attacks across a supply chain. Unfortunately, these companies often lack the experts, systems and budgets to successfully withstand cyber-attacks. Meanwhile, today's business landscape means that any organisation can be potentially at risk, regardless of its size.

Many small and medium enterprises have already realised that they are exposed to the same dangers that affect large corporations. Unfortunately, such reflections often come after they have experience the attack.

According to the Cisco 2018 Security Capabilities Benchmark survey, more than half of all cyber-attacks (54%) have resulted in financial losses of over US$ 500 000.

Bearing in mind the scale of the threat, it is important for small and medium-sized companies to take appropriate steps to protect themselves and their clients and partners.

53% have experienced security breaches

The report ‘Small, but powerful’ by Cisco, concerning the cybersecurity of small and medium enterprises, presents information collected from 1815 representatives of the SME sector from 26 different countries. The study not only shows the landscape of threats to which ‘small and medium’ is exposed, but also presents tips on how they should defend themselves against attacks in the near future.

According to the report, 53% of respondents experienced a security breach in the last year. Often, these activities had a long-term negative financial impact: loss of income, customers, business development opportunities or additional repair costs

The most important data from the report

• 30% of companies in the SME sector stated that security incidents cost them less than $100 000, and 20% lost between $1 000 000 and $2 499 999.

• Small and medium-sized companies record about 5000 cybersecurity alerts per day.

• Companies from the SME sector analyse 55.6% of alerts related to cybersecurity.

• The most common types of attacks are those targeted at employees of companies, e.g. phishing (79%), advanced persistent threat attacks (77%), ransomware (77%), DDoS attacks (75%) and the spread of attacks using using the BYOD trend - Bring Your Own Device (74%).

Maximising the effectiveness of security measures

Increasingly, companies thoroughly analyse cybersecurity issues and invest in personnel and technologies that will allow them to face the growing scale of threats. In a situation where SMEs employ more specialists, they would most often invest in:

• Increasing the safety of endpoints by implementing more advanced anti-malware protection. This is the most common answer given by 19% of respondents.

• Improving the security of network applications - 18%.

• Implementation of anti-intrusion technologies as a key way to stop network attacks - 17%.

In comparison to organisations employing over 1000 people (i.e. those of enterprise class), companies from the SME sector rarely rely on solutions based on technologies such as machine learning or automation. Small and medium enterprises are looking for suppliers who integrate artificial intelligence and machine learning with existing solutions, instead of implementing new, additional projects. An example of a solution that enables this is Cisco Encrypted Traffic Analytics, which has implemented machine learning algorithms that detect malicious code in encrypted traffic without decrypting it.

Companies also take into account the solutions needed to maintain the current work environment, including constantly updating mobile devices connected to corporate networks and the growing importance of applications in the cloud. Adoption of the cloud has significantly increased in recent years: in 2014, 55% of companies in the SME sector maintained part of their network resources in the cloud; in 2017, this number increased to 70%. Companies scale resources and often take into account external security solutions, including those from managed security service providers.

Because small and medium-sized enterprises have problems recruiting experts responsible for cybersecurity, they need to maximise existing resources. Over half of these organisations entrust the preparation of a cybersecurity strategy to external companies. Often, they also outsource the development of responses to possible crises and security monitoring.

What is the recipe for SMEs?

Unfortunately, there is no miracle cure for cyber threats. Organisations can, however, take action to transform their company in terms of security awareness, which is made up of activities promoting network protection both at the employee and organisation level. They can also provide staff with knowledge that will allow them to recognise and avoid situations that may allow an attack to happen.

  Share via Twitter   Share via LinkedIn      

Further reading:

  • 2019 cybersecurity crystal ball
    February 2019, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security
    Craig Rosewarne, MD of Wolfpack Information Risk says the cyber landscape will be more volatile and dangerous in 2019, are we ready?
  • Now look here!
    February 2019, Technews Publishing, This Week's Editor's Pick, IT infrastructure
    Hi-Tech Security Solutions asks industry specialists what display issues should be considered when equipping control rooms with monitors.
  • 50% of companies can’t detect IoT breaches
    February 2019, This Week's Editor's Pick, Cyber Security, IT infrastructure
    Only around half (48%) of businesses can detect if any of their IoT devices suffer a breach. This comes despite an increased focus on IoT security.
  • Cross-campus Wi-Fi connectivity
    February 2019, Education (Industry), IT infrastructure, Products
    Charles Telfair Campus selected Ruckus Networks to deploy its campus-wide wireless network, providing learners and staff with quality Wi-Fi experience for the digital ag
  • Data security sits at the heart of democracy
    February 2019, Cyber Security, Security Services & Risk Management
    A succession of high-profile government data breaches both locally and abroad has cast a stark light on the importance of effective public sector cybersecurity policies and protections.
  • Corporate fraud and insider threats
    February 2019, Cyber Security, Security Services & Risk Management
    Insider fraud and theft can often be more damaging to a company than risks from outside.
  • Corporate privacy in a selfie age
    February 2019, Cyber Security, Security Services & Risk Management
    Doros Hadjizenonos, regional sales director at Fortinet in South Africa looks at how CISOs can maintain corporate privacy even as employees adopt emerging technologies.
  • Kaspersky unveils new partner programme
    February 2019, Kaspersky Lab, News, Cyber Security
    Specialised, enabling and profitable: Kaspersky Lab unveils new programme to empower its partners and improve services to clients.
  • Trust but continually verify
    November 2018, Technews Publishing, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions, IT infrastructure
    Hi-Tech Security Solutions looks at access and identity management and asks some industry players what ‘zero trust’ and ‘least privilege’ access means.
  • Managing who, what and why
    November 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security
    Today’s access control isn’t only concerned with who has access, but also what has access, why they need it and what they are doing with it.
  • Physical/logical convergence
    November 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
    The convergence between physical and logical (or cyber) security will be a game-changer because it will change the way we do everything, from planning to design and all the way to installation and maintenance.
  • Physical and logical convergence is a fact
    November 2018, This Week's Editor's Pick, Integrated Solutions, IT infrastructure
    Convergence, the next buzzword? A dated buzzword? Is convergence ­merely ­integration on steroids? What is convergence?

Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Terms & conditions of use, including privacy policy
PAIA Manual
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.