You may think that only large global enterprises are vulnerable to
cyber-attacks. However, SMEs represent an alluring target to cyber criminals.
Cyber attacks happen to organizations of all sizes, and the financial costs
come from the attack, the fixes, any legal costs and regulatory fines, and the
potential negative impact on your business reputation.
Even with these risks, many SMEs forgo an investment in IT managed services,
which will strengthen their cyber security.
This is a problem for several reasons. The U.S. economy is driven in large
part by SMEs. If you need to shutter your business to repair damage from a
cyber attack, the impact on your revenue and profitability will be
disproportional. Large enterprises may be able to absorb the expense, but can
you afford costly damage?
The Cyber Security Breaches Survey taken in October 2018 found that the
average ransom demanded in a cyber attack was $1,077. However, the average
remediation cost was $133,000. This includes recovery costs, downtime, and lost
SMEs are Vulnerable to Cyber Attacks
The survey also found that SMEs are less likely than large organizations to proactively protect against cyber-threats. Nearly 80 percent of enterprise-level companies sought advice, information, or guidance regarding cyber security. However, only 58 percent of small businesses took the same action. The differences are even greater regarding cyber security policies and training. This means that small businesses are far more vulnerable to attacks and the resulting losses.
Although 55 percent of small businesses performed risk assessments, health
checks, or audits to pinpoint cyber security risks, a full 25 percent failed to
actually implement risk management measures or cyber security governance. In
addition, only 12 percent of SMEs have adopted any formal cyber attack
There is good news, however. Awareness of these weaknesses is growing. At least 74 percent of the survey
respondents stated they place a high priority on IT security. At
the same time, 42 percent of them identified one or more attacks during the
previous 12 months. These businesses experienced over 24 hours of downtime in
17 percent of the incidents.
DDoS and Ransomware: Top Attack Trends
The top trends in cyber attacks continue to be distributed denial of service
(DDoS) and ransomware. These attacks are damaging to an SME. They can also be
fatal. If your small-to-medium sized business is inaccessible for many hours,
or even days, the impact can be severe.
Downplaying or ignoring risk management in the digital age is risky. You
have a lot to lose. Increasing awareness is good, but IT security takes action.
However, building an in-house IT security team is both costly and
time-consuming, especially now that there is an increasing shortage of IT
security professionals. To act more quickly and take advantage of economies of
scale, SMEs should engage a cyber security managed services provider to
identify and fix compromising loopholes.
Engaging an IT services provider may sound too expensive or complex at
first. However, they have the right tools and knowledge to operate them 24/7,
which keeps your business more secure.
You want to avoid an attack, not fix the damage caused by one. In addition,
you should analyze “what if” scenarios and implement a company-wide cyber
attack incident management strategy. This should include restoring IT backups,
troubleshooting, customer communications, and stakeholder management. The most
effective method of preventing an attack is to partner with a capable team that
knows how to respond quickly and efficiently to potential threats.
No organization is too small to be ignored by cyber criminals. With the
right approach, no organization is too small to put up a strong defense.