Hackers know this, which is why they see small-to-medium sized businesses (SMBs) as low hanging fruit.
Attacks on SMBs are now reaching epidemic proportions, with the UK’s National Cyber Security Centre warning that SMBs face a 50% chance of being hacked. Unfortunately, no business is too small to be targeted.
In 2021, we saw high-profile incidents including attacks on critical national infrastructure like the Colonial Oil Pipeline and a record-breaking $70 million ransom demand from the REvil cybercrime gang following its compromise of the management software firm Kaseya. These are big attacks, with global ramifications.
But an attack on a smaller business can have a severe impact, particularly if it is forced to cease operations or suffers from serious reputational damage that can be caused by a major data breach. It's reported that up to half of SMB’s that suffer a data breach go out of business within six months, showing the massive impact cyberattacks can have on smaller businesses.
When hackers target SMBs, they can achieve the same goals as attacking larger organisations by extorting ransoms, stealing data, or spreading malware to new victims – meaning that very few businesses are unattractive to criminals. A newsagent that delivers newspapers or a beauty salon serving a local community has the names, addresses, and potentially bank details of its customers – which are valuable to criminals.
Even a lone entrepreneur working tirelessly from their garden shed is vulnerable, facing a “unique cybersecurity threat” due to the personal and financial data they possess, not to mention their intellectual property. This cybersecurity threat keeps business owners up at night because they know that the effects of an attack could not just be bad, but devastating.
The UK’s mid-market businesses are ‘more knowledge-based and less asset-heavy than they have been in the past’, says KPMG’s Mid-Market in 2030 viewpoint. It unsurprisingly predicts that technology and data will soon be at the heart of all businesses. Many of these businesses are fast-growth, with no dedicated cybersecurity staff whatsoever. With no time or money to dedicate to cybersecurity, time-pressed business owners often ignore the threat until it hits them in the face.
“While bigger businesses can often dedicate greater resources towards cybersecurity, mid-market businesses and entrepreneurs face the same cybersecurity challenges and threats with limited resources, capacity, and personnel,” the US Department of Homeland Security warned.
There is no shortage of cybersecurity solutions available to larger companies with access to financial resources and dedicated staff. But these enterprise-focused solutions are often too expensive for SMBs and too complex without a specialised security team.
As a result, smaller businesses often turn to disparate point products which protect one attack vector, such as email, but fail to protect web and cloud or offer secure authentication solutions such as multi-factor authentication (MFA). A focus on email is a wise move, because we know this is the source of 90% of targeted attacks.
One careless click can cause a business-wise disaster. But the rise of multi-channel attacks in which attackers use cleverly crafted links to draw people onto malicious websites or cloud apps means that point products are not enough.
Although the threats facing the mid-market are enterprise grade, there is hope. The rise of cybersecurity platforms is giving smaller businesses access to a wide variety of security solutions which can be managed from one single interface. This removes the complexity created by point products, which either don’t talk to each other or fail to overlap, leaving security vulnerabilities. An all-in-one platform solves both these problems.
Artificial intelligence and machine learning can also act as a force multiplier for security systems, working at speeds which are beyond human capacity. For large enterprises, AI can augment the work of security teams, saving them from time-consuming manual work caused by false alerts and minor threats.
For SMBs, AI and supervised machine learning can make up for the lack of dedicated teams by automating the investigation and remediation of threats, and flagging only those requiring human intervention. When AI is put to work protecting a company against digital threats, its owners can rest a little more easily and have confidence that their most valuable assets are being protected.
For the mid-market, the threat has never been greater. But the tools to protect them have never been stronger. Safety is available if you want it.
Gartner infographic.
Critical cyber security challenges.
How XDR is changing the game.
The insider threat that caused the security vs usability conundrum.
How a consolidated approach works.
Key insights and recommendations from Gartner.
Find out in this recorded webinar
The what, why and how of SASE
5 steps for defence
What they are and how to get them right
and how to overcome them
"The biggest cyber threat facing the UK"
![[Video] Plan smart: The future is SASE](/media/2slftnzv/shutterstock_707491003.jpg?anchor=center&mode=crop&width=900&height=650&rnd=133050302868900000)
The perimeter is no longer “entombed in a box”
Freedom. Visibility. Protection.
with this all-in-one solution
The state of the UK’s cyber security response
View white paper
Zero Trust and Beyond
How to protect your users with email security
Easing alert fatigue
Protect your data in the cloud
And the heightened insider threat
Threatening your business?
9-5 attention no longer cuts it
If it's left behind the cybersecurity curve
Protect your data in the cloud
Share this story
If you'd like more information about this topic, please let us know and we will be back in touch
Here’s a single security platform that seems to provide all you need to protect your business from cyber attack and, refreshingly, they don’t put it all down to AI.
Learn MoreLet us know what you think about the article.
Let us know what you think about the article.
We're a community where IT security buyers can engage on their own terms.
We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.
