Why Is Cybersecurity Important For Small And Medium Sized Businesses?

Image Source: http://arinos.in/blog/wp-content/uploads/2017/02/Arinos-Blog-Post-24_02_17.jpg ; Accessed Nov 14, 2017. When discussing enterprise cybersecurity, business owners are often flooded by technical assessments of how vulnerable they are to attack, and their increased risks in today’s digital marketspace. If the recent slew of ransomware attacks has taught us anything, it is that no company is immune or totally protected from cyber-attacks. Mainstream stories

Cheng Lai KiBy: Cheng Lai Ki, Oct 27, 2017
TwitterFacebookLinkedIn
Image Source: http://arinos.in/blog/wp-content/uploads/2017/02/Arinos-Blog-Post-24_02_17.jpg ; Accessed Nov 14, 2017.

When discussing enterprise cybersecurity, business owners are often flooded by technical assessments of how vulnerable they are to attack, and their increased risks in today’s digital marketspace. If the recent slew of ransomware attacks has taught us anything, it is that no company is immune or totally protected from cyber attacks. Mainstream stories about cyber attacks often focus on incidents suffered by large corporations, such as the Equifax hack earlier this year, because of its high-profile nature and impact on regional economics. However, incidents involving Smaller and Medium-Sized Enterprises (SMEs) don’t necessarily receive the same degree of coverage. So, why is cybersecurity important to SMEs?

The uncomfortable answer here is because they are often easy targets for cyber criminals.

Today, more SMEs join the digital revolution by bringing their business operations online via cloud services or other solutions built upon the Internet-of-Things. If you are the owner of an SME and are looking for tools to help with financial management or assist in logistical planning, there is probably already an app for that. With more attractive solutions make life easier for SMEs, competition naturally gets fiercer. Therefore, most businesses regardless of size, are often preoccupied with how they can maximize sales, enhance operational efficiency or expand into new markets; and potentially decreasing the amount of attention towards ensuring their online security.

 

Understanding the Threat

Cyber criminals bank on this very notion of a reduced security focus amongst SMEs to gain access to the treasure trove of sensitive data (i.e. Financial Details and Client Information) held by a target with much less stringent security countermeasures than larger enterprises. Possessing a wide range of tactics and arsenal at their disposal, they can: con their targets through social engineering, where they pretend to be an interested client or employee; or directly target weaknesses on websites to gain access, infect the network and later ransom your digital assets — otherwise known as ransomware.

Despite the slew of fancy terminology littered throughout cybersecurity discussions, at its core, it’s underlying intentions are no different from that of your conventional burglar. Aside from the obvious technical differences, the classification of threats faced by SMEs today are no different from those experienced by our folks back in the old days. Who locked away ledger-books or rolodexes in safes, and made sure all access points to their shop were secure or even monitored by surveillance systems. Within the context of cyber crimes, the crimes themselves haven’t changed but have —  like SMEs  — adapted to the times and gone digital.

 

Understanding the Ramifications

Ramifications of suffering a cyber attack can vary depending on the SME’s geographical location, but essentially falls into the same categories. First is financial loss. Either directly from the security breach itself or from follow-on effects after suffering the attack, the financial losses incurred from a cyber attack can be severe and hard to recover from. In some cases, such incidents are not necessarily covered under their insurance plans. Second is reputational loss. Regardless of size, all victimized enterprises will suffer irreversible reputational damage which can severely hinder a company’s survivability and capabilities to win future contracts. Third is legal repercussions. Depending on where the breach occurred, SMEs could be privy to different legal ramifications that exacerbates already existent financial and reputational losses. Whilst larger enterprises may possess the equity to survive these ramifications after a cyber-attack, the same cannot be said of SMEs, given their relative size.

Within the larger contexts, a compromised SMEs can have significant ramifications on the national economy and security. In countries  —  like Singapore  —  where SMEs are actively considered to partner alongside Fortune 500 companies or government agencies, their inherently weaker state of security can also be exploited as part of a larger campaign targeting more secure networks.

 

So, what now?

Luckily for SMEs, there are a slew of security products and services that can help protect them from digital harm. These can range from: i) anti-malware products SMEs can easily purchase and install onto their business networks that work passively behind-the-scenes; ii) compliance with certifiable industry best practices, such as the Cyber Essentials program in the United Kingdom, to ensure they are implement cybersecurity best practices; or iii) contract out their network security to specialist firms providing active and adaptive security countermeasures.

As more cities continue expand and develop alongside the digital revolution, cybersecurity is increasingly important for everyone and not just businesses. Criminals have already picked up on this and updated their tactics, so SMEs must do the same. At the end of the day, all businesses are still communities of individuals working together to achieve a dream and the security of that dream is shared by all.

Cheng Lai Ki
By: Cheng Lai Ki, Oct 27, 2017

Cheng Lai Ki is a Cyber Operations Consultant in Horangi’s headquarters in Singapore. Equipped with advanced degrees in Criminology, Intelligence, and International Security, he brings with him over eight continuous years working and researching in the security field. He was a former military officer from the armed forces, where he was an instructor specializing in strategy and operational tactics. Professionally and academically published within the field of cyber security in Europe and Asia, Cheng Lai Ki brings a unique cross-industry and interdisciplinary perspective towards cyber security. He is actively involved in Horangi’s intelligence, security management and incident response operations with clients in the APAC region.

TwitterFacebookLinkedIn

Subscribe to the Horangi Newsletter.

Hear from our Horangi tech experts as we go deep into up-and-coming cyber threats, new solutions, and talk about the future of cybersecurity.