// EXPERT PROFILE //
How SMEs should protect themselves
FROM CYBERSECURITY ATTACKS
It ’ s often easier for hackers to get into the systems of smaller companies – they can be seen as ‘ easy pickings ’ compared to larger corporates . Here , Stefan van de Giessen , General Manager : Cybersecurity at Networks Unlimited Africa , unpacks why and how SMEs should protect themselves from cybersecurity attacks .
“
SME OWNERS AND MANAGERS
ARE ALSO OFTEN UNDER THE ILLUSION
THAT ‘ IT WON ’ T HAPPEN TO
ME ’ AND THAT CYBERCRIMINALS ARE ONLY AFTER
THE BIG GUYS .
MALL AND MEDIUM
S enterprises ( SMEs ) are widely acknowledged as playing a critical role in South Africa ’ s economy and yet they are also potentially more at risk in terms of their ongoing survival than larger enterprises . According to a recent McKinsey report , SMEs in South Africa employ between 50 and 60 % of the country ’ s workforce across all sectors . At the same time , SMEs arguably face a number of challenges , which can potentially weigh on them more heavily than on larger enterprises .
These particular areas of concern include attracting customers ; maintaining profitability ; increasing revenue ; facing greater uncertainty during economic down-turns and securing financing for expansion . Now add in the issues around technology enablement and security , and it can all start looking a little bleak .
It can happen to you
Small businesses can actually be significant targets for cyberattackers , because a weaker security posture makes them more vulnerable to hackers – they can be seen as ‘ easy pickings ’. If an SME lacks the time and money to sort out its security properly , we frequently find situations in which the business owner / manager tries to buy the cheapest product off the shelf , then installs it and hopes that it works optimally .
SME owners and managers are also often under the illusion that ‘ it won ’ t happen to me ’ and that cybercriminals are only after the big guys . This , however , is not necessarily a true reflection , because it is often easier for hackers to get into the systems of a smaller business .
A hacker will frequently use a phishing email to infiltrate the SME ’ s network – it ’ s all done via targeted spear phishing emails . We also know that hackers may have it easier with the smaller organisations – employees are more likely to click on the emails as they are less educated about phishing threats than employees in the larger corporations , where the tools and education around the dangers of phishing attacks are generally in place .
Having infiltrated the network with a phishing email , the hacker then follows this up with a ransomware attack , targeting data which is an organisation ’ s lifeblood . A smaller and unprotected or less protected SME is more likely to give in to the ransom demand . In contrast , larger corporations generally have the ability to roll back to a pre-attack situation and are able to continue functioning , even during such a ransomware situation .
34 intelligent
. tech
Intelligent SME . tech