Cyberattacks are becoming customized and hackers are also becoming intelligent. All of this is happening to target vulnerable entry points and MSMEs and SMEs as a segment posses several such vulnerabilities. Discussing some contemporary cybersecurity trends among SMEs, Anshuman Sharma, Associate Director CSIRT & Investigative Response, APJ, Verizon explained insightful information in an exclusive interview with Faiz Askari, Founder and Editor of SMEStreet.
Here are the edited excerpts:
Please elaborate on the nature of cybercrimes that SMEs face, pertaining to crime patterns, motives, data compromise, frequency in the APAC region.
Cyberattacks on SMEs/SMBs in the APAC region exhibit distinct patterns, with System Intrusion, Social Engineering, and Basic Web Application Attacks dominating, constituting a substantial 92% of all attacks according to the findings from Verizon’s DBIR 2023. The primary motive behind these attacks is financial gain, with a staggering 98% of breaches driven by monetary motives. These attacks frequently result in data compromise, affecting 54% of customer credential data and 37% of internal data. This alarming frequency of attacks on SMs highlights the critical need for enhanced cybersecurity measures, as they represent over 56% of all cyberattacks. Cybercriminals are keenly aware of the vulnerabilities within these organizations, making it imperative for SMEs to bolster their defenses, leveraging expert guidance and cost-effective solutions to safeguard their digital assets.
"SMEs might not have the same level of awareness or priority when it comes to cybersecurity, further increasing their vulnerability. It's crucial for SMEs to recognize their unique challenges and seek cost-effective cybersecurity solutions."
Both SMEs and large companies are using similar services and infrastructure for cybersecurity which also leads to convergence of attack profiles. So, why are SMEs more susceptible to cyberthreats?
While both SMEs and large enterprises may use similar cybersecurity services and infrastructure, SMEs often face greater susceptibility to cyber threats due to resource limitations. Large corporations typically have dedicated cybersecurity teams, substantial budgets, and the capacity to invest in high-end solutions. Conversely, SMEs may lack the financial resources to implement comprehensive security measures and often have limited IT and cybersecurity staff. This imbalance makes them attractive targets for cybercriminals who perceive them as easier prey. Additionally, SMEs might not have the same level of awareness or priority when it comes to cybersecurity, further increasing their vulnerability. It's crucial for SMEs to recognize their unique challenges and seek cost-effective cybersecurity solutions.
What are the latest trends in cybercrime that SMEs and MSMEs should be aware of?
In the ever-evolving digital landscape, small and medium-sized enterprises (SMEs) and micro, small, and medium-sized enterprises (MSMEs) are increasingly falling prey to cybercriminals, raising significant concerns about their cybersecurity. Presently, the primary cyber threats confronting these businesses encompass System Intrusion, Social Engineering, and Basic Web Application Attacks, collectively responsible for a substantial 92% of cybersecurity breaches. Notably, human error emerges as a major catalyst, contributing significantly to 74% of these breaches. Cybercriminals have honed their focus on exploiting the vulnerabilities inherent in smaller businesses, often employing sophisticated social engineering tactics. The absence of comprehensive employee training further compounds this risk, as employees may inadvertently enable these attacks by clicking on malicious links.
What are some of the most common mistakes that SMEs make when it comes to cybersecurity?
SMEs frequently encounter several common pitfalls in their approach to cybersecurity. One of the foremost is the lack of comprehensive employee training, often resulting in staff inadvertently facilitating cyberattacks through actions like falling for phishing scams. Additionally, many SMEs underestimate the importance of regularly updating their software and systems, leaving vulnerabilities unaddressed. Moreover, not having a well-defined incident response plan can result in ineffective reactions to cyberattacks. Lastly, insufficient budget allocation for cybersecurity measures can be a costly mistake, as the financial toll of a breach can far exceed preventive expenses. Recognizing these common errors is essential for SMEs to take proactive steps toward bolstering their cybersecurity. At Verizon, we offer tailored solutions and expertise to help SMEs bolster their cybersecurity defences and protect their valuable assets.
With budget constraints, SMEs often cannot afford high-end architecture and tools for managing cyber-attacks. What is the viable line of defence that they should adopt?
Budget constraints can make acquiring high-end cybersecurity architecture and tools difficult for SMEs. However, they can employ a viable line of defence to safeguard their digital assets without breaking the bank. To begin, it is critical to invest in cybersecurity essentials. Human error is a significant factor in breaches, so comprehensive employee training is necessary to foster a security-conscious workforce. Regularly updating software and systems to patch vulnerabilities, enforcing strong password policies, and implementing robust access controls are all fundamental practices that don't require a lot of money. Furthermore, SMEs can benefit from collaborating with cybersecurity providers who provide tailored solutions and expert guidance tailored to the specific needs and budget constraints of smaller businesses. SMEs can significantly improve their digital defences and protect their valuable assets in an increasingly difficult threat landscape by taking a proactive approach to cybersecurity and making prudent investments.
How is Verizon Business helping small businesses with their cybersecurity solutions?
We are committed to supporting small businesses in enhancing their cybersecurity defences. We understand the unique challenges they face and offer tailored solutions that are both effective and budget-friendly. We at, Verizon Business aim to be a trusted partner for small businesses, helping them navigate the complex cybersecurity landscape and safeguard their digital assets. One way Verizon is helping the SMEs is by training and awareness programs tailored to the customer