The journey to SME cyber security
The journey to SME cyber security
Former FBI director Robert Mueller has a nice quote in that scope: “There are only two types of companies: those that have been hacked, and those that will be”. Cyber attacks are a big issue nowadays; we hear about it across all platforms, whether it’s articles in the (news)papers, on television, or social media: just yesterday a good friend posted on a social network that his phone and accounts were hacked, wondering what he could do about it.
But, it was a trip to the garage that lead to starting a cyber security platform. In the summer of 2019, I needed to service my motorcycle. However, when I arrived at the garage, I was told that they were experiencing a ransomware attack on their machines. The garage had no means of cyber defense, and admitted that they lost a week’s worth of data, and that they had to buy new machines for their business. Later on that week I encountered a notary office, that evidently experienced the same thing a week before. That’s when I knew it was time to act!
The findings astonished me
The deeper I dove it became clearer how fragile the SME market is. In the Netherlands alone, there are more than 440.000 small and medium businesses. According to Forbes 58% of the SME’s where hit by cybercriminals. Another interesting fact is that around 85% of small business owners underestimate the threat cyber criminals pose to their business, and are actually confident that their business will not subjected to an attack. At the same time, reports show alarming number of businesses that have not recovered from a cyber attack and had to close.
Once I knew these numbers, I had to ask myself two questions:
The first question being, why SMEs did not seem to protect themselves properly, and the second one was, what are the major threats to those businesses?
The answer to the first questions actually has several layers. Most business owners do not believe that their business is lucrative enough for hackers, not realizing or unaware of the amount of automated attacks that are already out there – which will not be stopped by a traditional antivirus. However, at the same time, some SMEs carry large amounts of consumer data, that they are obligated to protect by GDPR, and the repercussions of the penalties the Netherlands and the EU have put in place, can be devastating to small and medium-sized enterprises. On top of that, there are the costs; most cyber security products are made for large organizations and considered to be too costly for the SME market - which seems unfair. Lastly, SMEs lacking protection can sometimes be the result of a misconception that IT and Cyber are essentially the same. These companies rely heavily on their external IT provider, that most of the time does not have the expertise in place to enhance cyber security, nor is it their main business.
In regard to the second question, the major cyber threats that SMEs face today: the number one threat remains phishing emails, followed by ransomware, malware attacks, password administration and internal threats such as download policies, former employees, and others. This isn’t just overcome by implementing a full-on security stack, but also benefits from extensive awareness programs, that allows for all employees, on all levels, to be trained on physical and cyber security.
After I gathered all information on the SME cyber security market and analysed it, I decided it was time to actually take action and meet the SMEs demands. In founding MKB Cyber, we took on a mission to find the right protocols and solutions for the market. We have opened a security platform that meets the immediate requirements that SMEs have to have in place, which is unique and affordable to all size companies, and, moreover, we help businesses to create internal policies and recovery plans.
I am excited to launch our SME cyber platform that will help our clients to feel safe, secure and to run their business successfully and with a clear mind. So we can make sure you’re not becoming a part of the statistics.
Sources: