By David Steele
It’s tempting to overlook cybersecurity when you’re a SME. It can be thought of as one of those things that other, perhaps bigger, businesses need to worry about. But the threat to even small enterprises is increasing, and failure to take it seriously can hinder growth. Or, even worse, have fatal consequences for a business.
Historically, SMEs were protected from many crimes because of their size. With a high risk of detection and capture, the potential rewards simply weren’t high enough for criminals to attempt fraud or blackmail. But cybercrime has transformed those dynamics.
Cyberattacks can be perpetrated at low cost and low risk to the criminal. Largely automated, there is no disincentive for criminals to avoid attacking any size or type of enterprise. And there is no moral compunction either, as ransomware attacks on healthcare and education have shown. SMEs, which might be less resilient than bigger businesses, cannot expect sympathy from cybercrime perpetrators.
It’s now estimated that 43% of cyberattacks worldwide are targeted at SMEs. And the consequences can be devastating. A quarter of buyers will abandon a business if they discover it has been the subject of a successful cyberattack. And around 60% of SMEs that have suffered a hacking or data breach close within six months.
The cybersecurity risk profile for SMEs is increasing
As businesses increasingly work online, supplementing their business with ecommerce functionality, as well as using cloud-based solutions to support agile working, their risk profile increases. This leaves them more and more vulnerable to attack.
The European Union Agency for Cybersecurity’s 2021 threat report revealed that cyberattacks were increasing, both in volume in size: the number of attacks and the size of ransom demand doubled in a year between 2020 and 2021. Some estimates suggest that over the course of the whole pandemic it increased by as much as 600%, partly driven by the opportunities created by hastily implemented remote working.
There’s no denying that there is a lot of work to be done. Research by the .ie domain registry, for example, found more than half of Irish SMEs either take no action, or don’t even know if they do anything, to protect against cybercrime. However, it is not all bad news, businesses that invest in cybercrime prevention can see real benefits.
Investing in cybersecurity leads to business growth
The first benefit to business is the protection that being proactive offers, businesses can avoid the financial and reputational damage that a data breach or ransomware attack will bring.
This is no small thing.
A cybercrime incident can lead to damage that can harm an organisation for years to come. Trust takes years to build up, and then can be lost in a moment. In the wake of a cybersecurity attack, trust does not just automatically replenish itself.
Secondly, meeting the latest standards of cybersecurity enhances the ability your business has to implement digital transformation projects. You can adopt practices like remote and agile working, cloud-based systems, and online transactions with confidence and reassurance. And with consumers and other businesses becoming ever more savvy, investing in cybersecurity solutions will reassure customers and attract more trade.
Whether you operate in a B2B or B2C space, your clients are wisening up to the critical necessity of their data being treated with the utmost care and kept safe. If they do not feel reassured that your organisation is doing everything you should be to follow cybersecurity best practice principles, they’ll take their custom elsewhere.
But it’s also time to stop approaching cybersecurity in a defensive manner, and instead view the benefits that will arise if a proactive stance is taken.
Recent figures from Cisco show that “44% of executives see cybersecurity as a competitive advantage for their organisation.”
Cybersecurity has the power to affect everything, from the speed of your website to the image your brand enjoys among your clients to attracting investment, for the better.
That means that for corporations and SMEs alike, cybersecurity and business growth are inseparably connected. Improve your security and expand your business – it’s a win/win situation.
About the Author
David Steele is the MD of SecuriCentrix and a Cyber Security Analyst. Founded in 2010, SecuriCentrix has grown to become a global Security and Compliance service provider to organisations.
As a Service Focused Cyber Security company, SecuriCentrix’s priority is to deliver the best client experience with minimal disruption while enabling highly effective operational cyber programs.
The firm has forged strong relationships with organisations across Africa, Australia, Europe, India, and the UK.