UK SMBs suffer disproportionately from cyber attacks, says Matt Aldridge, OpenText Cybersecurity
The commentary on the serious consequences of cyber attacks for UK SMBs, from Matt Aldridge, Principal Solutions Consultant, OpenText Cybersecurity. When large enterprises get hacked, it almost always makes headlines – yet research shows that the frequency and impact of cyber attacks on SMBs can be far more devastating, due to the lack of security expertise and infrastructure they are faced with. The below image from OpenText Cybersecurity’s annual Threat Report shows that smaller organisations suffer disproportionately from having their systems compromised.
The comment, Matt Aldridge discusses the security risks inherent in the SMB landscape and what these smaller organisations can do to protect themselves against pernicious attacks.
“SMBs are a sweet spot for hackers to exploit because they often lack cybersecurity resources, both technology and security expertise. Today’s complex threat landscape presents a huge risk to SMBs that don’t have sufficient cyber resiliency preparation to stop the spread and recover quickly from an attack. According to the recent SMB Ransomware survey from OpenText Cybersecurity over half (53%) of UK SMBs are worried about their cybersecurity budget shrinking amid rising inflation rates and 84% are concerned about a ransomware attack impacting their business.
A vital part of an organisation’s defence is employee education, which should be the bedrock of a security strategy. There’s no use in investing in sophisticated cybersecurity software and services, if employees are clicking on dodgy links which give cybercriminals access to a network.
Unfortunately, many SMBs still think they’re too small to be targeted by malicious actors, with 66% of UK SMBs don’t think or aren’t sure they are a ransomware target, which leaves them underprepared and under resourced when it comes to defending against attacks. This is even more important when dealing with remote employees who may be accessing the business network via personal devices.
To ensure protection, SMBs should look to implement remote cybersecurity training and the establishment of proper online etiquette guidelines for staff. Employee education will underscore an effective cybersecurity strategy and comprehensive best practice guides for passwords and system policies are critical to maintaining defences.
However, any training programme must focus on the frequency and method of delivery. Short sessions in five-to-ten-minute modules aka ‘microlearning’ improves information retention and fits into a busy lifestyle or workday. A more snackable approach to cybersecurity training mirrors how people are increasingly wanting shorter content whilst helping with concentration. In a world where employees crave career growth and development opportunities, microlearning provides a solution that suits time-poor schedules and will ultimately keep sensitive data safe, reduce stress and improve job satisfaction.”