Cybersecurity incidents and dramatic falls in sales are the most challenging types of crises to hit medium businesses
The Kaspersky global survey conducted amongst 1,307 decision-makers in companies with 1 to 999 workers shows that cybersecurity incidents pose almost the same difficulties as dramatic falls in sales. Thirteen percent of respondents from small and medium organizations find online attacks the most challenging. Research findings also suggest that the likelihood of facing a cybersecurity incident increases with the number of employees working in the company.
Small and medium-sized companies are great contributors to the global economy: according to the World Trade Organization, SMBs represent over 90% of all businesses worldwide. At the same time, as the Pandemic has shown, these companies can be particularly vulnerable to crises’ negative consequences.
To gain insights into which crises pose the biggest risks to small and medium businesses, Kaspersky interviewed decision-makers from companies with 1 to 999 employees from 13 countries worldwide [1]. Although summarized data indicates, cybersecurity incidents are the second-hardest type of crisis, exceeded by dramatic falls in sales, respondents representing medium companies (50 – 999 employees) evaluated both these types of crises as equally complex. Rent issues and the introduction of new regulations seem the least challenging for both small and medium businesses.
IT security concerns aren’t unfounded, especially since the probability of facing a cybersecurity-related problem rises as the company grows. While only 8% of organizations with 1 to 8 employees said, they faced an IT security incident, this share increases to 30% among companies with more than 501 workers.
“Today, cybersecurity incidents can happen to businesses of all sizes and significantly affect their operations, profitability, and reputation.” – comments Konstantin Sapronov, Head of the Global Emergency Response Team at Kaspersky. ”However, as our Incident Response analytics report shows, in most cases, adversaries use obvious gaps in an organization’s cybersecurity to gain access to its infrastructure to steal money or data. This fact suggests that basic protective measures, accessible even to small companies, such as a robust password policy, regular updates, and employees’ security awareness, if not overlooked, may significantly contribute to the company’s cyber resistance”.
To keep the business protected even in times of crisis, Kaspersky recommends the following:
- Use a security solution with a comprehensive built-in password manager. This will help to eliminate the possibility of a brute-force attack when an adversary attempts to gain access to your digital entry point by submitting many passwords or passphrases in hopes of eventually guessing correctly.
- security solutions need to be able to identify and block unknown malware before it is executed and should have a function that initiates automatic backup copy creation in the event of an attack;
- learn more about current threats and ways to protect their personal and professional life, and take relevant free courses. Conducting comprehensive and effective third-party employee training programs is a good way to save the IT department time and get good results.
The full report and more insights on small and medium businesses’ attitudes to crisis and tactics against it are available via the link.
[1] 1,307 interviews were conducted globally across 13 countries: UK, USA, Germany, France, UAE, KSA, Turkey, Indonesia, Thailand, India, Brazil, Mexico, and Colombia.
