Skip to main content
  1. Home
  2. Blog
  3. Cybersecurity myths – “Cybercriminals...
  • 43 % of all data breaches involve small or medium-sized businesses (SMEs)

  • SMEs need to stay educated and informed about current cyberevents

  • Investing in a cybersecurity partner can be of critical importance

60% of small businesses that are victims of a cyberattack go out of business within six months.

Larger enterprises are well-known for falling victims to cyberattacks, meanwhile smaller once have a tendency to think that they can remain safe. It is therefore important to look at statistics revealing that 43% of all data breaches involve small or medium-sized businesses (SMEs), this according to Verizon’s 2020 Data Breach Investigations Report.


There are many factors making SMEs  perfect targets for cybercriminals. Big companies are known for using sophisticated cybersecurity tools and techniques, which makes it difficult for criminals to attack them. Smaller companies, on the other hand, are seen as easier targets due to the fact that they often lack resources and security awareness.


Smaller businesses usually invest less in IT security and tend to be less likely to educate their employees in how to stay safe online. Employees might not know how to correctly handle confidential information and valuable company data, making them vulnerable to social engineering.


Furthermore, it is common that SMEs are connected electronically to IT systems of larger partner organizations. Criminals may use this fact to their advantage and penetrate the smaller business as a way of accessing their final target. Statistics also show that SMEs also are more likely to pay a ransom than larger enterprises. They often prefer paying the fee instead of risking a long period of other potential business damages. This is specifically true for businesses without relations to any cybersecurity specialists, according to Forbes.


Tactics to stay safe


SMEs should regularly educate and inform themselves about what is going on in the cyberworld. To stay safe, it is necessary to take certain actions in consideration. First of all, a business gets far by creating internal protocols, increase authorization requirements and give guidelines to employees with access to confidential and secure data. Having a plan and an overview about how information is handled is of great value, reporting ENISA.


It is also important to invest in safe methods of communication, by using a cybersecurity service provider and create clear guideline for product usage. By doing so it is possible to keep data safe even if an employee fails to keep up with security requirements.


Investing in a cybersecurity partner can also be of critical importance.  A professional partner can assess a business digital risk, and their expertise and tools can help finding security gaps and protect the business from possible threats. Other easy applicable ways for a SME to stay on the safe side are by regularly updating all software and hardware and backing up critical data, which could help to block criminals from taking advantage of holes in a business security, according to Cox Blue. Furthermore, providing regular security training for employees can be a game changer for a SME. Giving employees proper training in how to stay safe while performing daily tasks is likely to have a significant impact on the digital safety of a business. After all, around 60% of all data breaches take place within a company and due to human errors, something we will take more about it upcoming posts.


In conclusion, SMEs are common targets for cybercriminals and actions need to be taken in order to prevent them from becoming victims of attacks. No matter the size of a business, it is essential to prioritize cybersecurity.