Cybersecurity has become a top concern for small and medium enterprises (SMEs) and nearly half (48%) of SMEs have experienced at least one cyber incident in the past year.
This is according to a new survey from accounting and payroll software provider Sage.
Roche Healthcare, one of Sage’s customers, is one of the SMEs that has recently experienced such an incident. Cindy Cleasby, a Roche spokesperson, shared her experience during a Sage event in London: “Two months after we decided to change our data hosting servers, the provider we were working with, who was hosting most of our data, was hit by a cyber-attack. They shut down the systems for six months, meaning we had to do a lot manually during that time, including invoices.”
Some companies surveyed by Sage were even more unlucky, with one-fourth (25%) of respondents saying they had to go through several cyber-attacks over the course of one year.
Cybersecurity Is a Priority for SMEs
According to the Sage survey, Cyber security for SMBs: Navigating Complexity and Building Resilience, most SMEs have developed a cybersecurity posture. For instance, 81% have implemented more than simple basic security controls.
A significant share of SMEs also has a sense of developing cyber resilience, with 58% declaring they were backing up their data.
Other findings in the report also show that cybersecurity is one of SMEs’ priorities, with two-thirds estimating that cybersecurity was part of their culture and four in 10 respondents saying they regularly discussed cybersecurity.
What Are the Challenges of Cybersecurity for SMEs?
The complexity of digital transformation makes it challenging for smaller firms to stay on top of security.
One significant challenge is remote working: while 81% of UK respondents said they have a process in place to manage cybersecurity risks for remote workers, only 53% closely monitor it. One-fourth (25%) of UK companies with a remote working security process admitted that some of their staff members weren’t following it.
Similarly, cloud migration poses many challenges for SMEs. Over half (52%) of respondents to the Sage survey said they were not fully confident about using cloud services for security reasons.
Kathryn Heath, a finance administrator at St George's Church in Leeds, said that managing these complex IT environments feels “quite chaotic” for an organization like hers.
“I’m beginning to feel like I know just enough to be concerned. For instance, before talking to the person responsible for the security of our systems, I didn’t feel well informed about how complex our systems are, with the cloud, the data storage, the drives and the bespoke software we are running,” she said during the London event.
“We recently brought in a new contractor for our booking management system. An awful lot of research went into functionalities, price, easy use of customers and business benefits, but I can’t remember security being part of the discussion. We would assume that if we chose a reputable provider, good security measures are going to be in there.”
Meanwhile, the cyber threat landscape is also evolving rapidly, with phishing getting more targeted and ransomware getting more sophisticated.
This is one of the most significant concerns for SMEs, with half (51%) considering keeping on top of new cyber threats is their biggest challenge.
SMEs Want More Support to Improve Their Cyber Posture
However overwhelmed SMEs are with keeping up with technology and today’s cyber-threats it poses, the Sage survey also showed they are willing to improve their security posture.
For instance, 68% of respondents said they would use a more expensive supplier if it demonstrated superior security.
No tags.