Visibility is Better Beneath the Clouds

31/08/2018 08:44:32
Small & Medium Sized Business Targeted by Cyberattack

Small and medium sized businesses face some unique barriers to their network security and arguably have the most to lose if their network is compromised. According to Barkley Blog article 5 Cybersecurity Statistics Every Small Business Should Know in 2018: 

Small Business bears the brunt of 58% of malware attacks
Small and medium-sized business lost an average of $2,235,000 in 2017
92.4% of malware is delivered through email
Fileless attacks are expected to experience 35% growth in 2018

Many small or medium sized businesses are forced to close their doors after a single successful cyberattack whether it’s due to loss of funds, personal customer data, non-compliance penalties or simply loss of consumer confidence. Just because your business isn’t an MNC doesn’t mean you are flying under the radar.  

Let’s take a quick look at some of the most pressing IT security issues facing small and medium sized businesses globally. 

Internal Threats continue to be a significant setback in smaller or medium sized organizations. While BYOD devices save costs for employers in the short-term, many businesses underestimate the value of having clear and enforceable BYOD policies, which could mean potential ruin for the company. With less granular control over where business-critical documents are stored and who has access to them, the more likely it is that a purposeful or accidental breach could occur. 

Phishing & Ransomware is a continuing problem in all business sectors regardless of size, but for organizations without a clear focus or a capacity to conduct in-house training on potential phishing risks, even one errant click on a malicious document could mean ruin. Cyber criminals are becoming more sophisticated in their attack methods, analyzing business practices and writing styles of employees and even using previously sent innocuous documents to embed malicious script. This presents a clear and present danger to any business – but while one phishing email in a large corporation with a dedicated IT department might be identified and damages mitigated quickly, smaller organizations could potentially never even know where the threat originated much less how to mitigate damages!

Regulatory Compliance is becoming an increasingly serious issue, as illustrated by the recent adoption of the GDPR in the EU. Hefty fines are being levied against companies (regardless of size) for non-compliance and a single mis-step could mean significant financial loss as well as loss of consumer confidence. It’s not outside the scope of imagination to think that many other countries will be following the GDPR lead and implementing stricter control policies on data collection, storage and safety – presenting a whole new gauntlet of regulations on smaller or midsized companies who simply aren’t prepared to deal with the added responsibility or cost. 

Cloud Security is a significant issue with many more businesses graduating from legacy storage methods and migrating to the cloud. While cloud capabilities are certainly the next step forward for all organizations, many companies are unaware of how to secure their cloud environment. Legacy protections are just that – legacy protections, not designed to provide a safe and secure cloud environment. 

Finances to pay or attract experienced talent is an issue for businesses with limited budgets. Small and medium sized businesses dedicate a significant amount of funds to salaries, infrastructure and marketing with little left over for IT which is still widely seen as an expenditure rather than a value generator. With a significant shortage of experience IT talent capable of managing today’s increasingly complex IT environment, many up-and-coming talents are searching for businesses who can pay them commiserate with their expertise and also allow them to work with developing technologies – legacy techniques simply don’t inspire todays newest and most talented professionals. 

How do you overcome these issues? 

Waiting to ask for help until you’ve reached “mission critical” status would be a mistake with most small and medium sized businesses being devastated and decommissioned after even one successful attack. For more information about how Sangfor can keep you fight fire with fire, please visit our website


Our Social Networks

Global Service Center: