Visiting some of the Cyber Security exhibitions last week, it became ever more clear that SMEs are in danger of being overwhelmed and unprepared in the cyber abyss.
There has been a massive explosion in recent years in the sheer number of buzzwords, platforms, security vendors and consultants. Organisations are being convinced they need numerous solutions (up to 30), and the more they have, the more that can go wrong!
In the hype-fuelled cyber security industry, it can often be forgotten that the threat landscape cannot be dealt with by technology alone. People and processes are just as important, BUT simply finding the time to manage Cyber Security is a key problem for many SMEs.
In a recent survey by Arctic Wolf, 73% of SMEs felt they lack the capability and expertise to withstand a cyber-attack. Over half admitted that cybersecurity issues are regularly deprioritized on favour of other business activity, while a third said they don’t have time to keep across every threat or alert.
39% of businesses in the survey claimed they are overwhelmed by the sheer volume of security alerts they receive, with some receiving up to 75 alerts a day..
Even when companies do have the resources to invest in people, they are met by a cybersecurity skills shortage.
The human element is critical to getting cyber security right. If you don’t measure it, its not managed. If you lack the talent, ultimately you are playing security by chance instead of security by choice!
Returning to work
When the pandemic hit last year the workplace shifted, creating a Cyber Security nightmare for some companies. 65% of medium-sized businesses said they had had at least one attack or breach during 2020.
But, as the world begins to get back on an even keel and hybrid working becomes the ‘new normal’, even for SMEs, there will be more risks to face.
Well over half (61%) of UK employees use their own mobile phones for work, while 44% use their laptops. Ensuring remote management and keeping systems up to date is key but requires strong leadership.
How organisations handle the human aspects of security is just as important as their technical work.
Education and Conversation
A large part of managing the risk entails managing the people and embedding the concept that security is an element of every employee’s role, not just those in IT.
Rather than go into denial mode, organisations need to overhaul their security systems to reflect reality.
How does a SME do this – by leading from the top, educating themselves as much as possible, and selectively outsourcing to help build a strategy and create a Cyber Security conscious culture.
The chances of being impacted by a business-crippling attack is rising every day, hence the continuing growth in the Cyber Security market and the number of companies operating in it.
At Infintec, we work with tech businesses to assess and fulfil their potential. Cyber Security is one of our key areas of focus, and being a SME means we understand what the SME market needs .
Our services include full Technical and Commercial Due Diligence, helping to position the company within their market space and evaluate their potential.
Companies need Cyber Security technology – and there are a lot of companies offering solutions. Our role is to identify and help the better ones grow faster.