Business magazine Forbes reported late last year that small and medium-size businesses, in particular, are most vulnerable to cyber threats. This is because the majority of them run legacy or outdated systems.
A 2019 report identified a worldwide trend of outdated and unsupported operating systems among SMEs, with the majority of devices (computers, laptops, tablets, phones) being exposed to risk. It showed that two-thirds of SMEs had no cyber security measures in place at all. Of the 4000 SMEs surveyed, most were running outdated Microsoft OS versions, and many of their security issues were to do with poor, or even no, encryption.
Key findings of the report showed:
- 75% of missing patches had been available for more than a year
- 42% of security issues were due to misconfigured encryption
- 66% of cloud workload configuration issues were due to weak encryption
- Commonly hacked TCP ports such as 22 (SSH), 443 (HTTPS) and 80 (HTTP), accounted for 65% of port vulnerabilities
When the pandemic hit in 2020, many businesses were unprepared. Offices shut down, employees took to working from home, and IT infrastructure needed to be altered to accommodate the work-from-home setups.
Two unforeseen IT challenges accompanied this remote-work shift. The first was that devices and data suddenly became more vulnerable in the cases where remote working setups didn’t match the security of the office environment. The second was that cyber criminals quickly took the opportunity to exploit these heightened vulnerabilities.
It isn’t too surprising that SMEs were hard hit this year, considering that:
- Their outdated operating systems would’ve put them at risk of cyber criminals
- They were easy targets of opportunistic pandemic-related phishing attacks
- They lacked the resources to handle remote security
- There was a general lack of awareness around cyber threats
Panda Security has compiled some astonishing stats about cyber security and the pandemic, the most noteworthy that: 1. Scams grew by 400% in March, making the pandemic the biggest cyber-threat in history, 2. Every day in April Google blocked 18 million malware and phishing mails related to the pandemic, and 3. Around 47% of employees fell for a phishing scam while working from home.
With devices at risk, company data was generally at risk too. But what many SMEs didn’t realise is that data management services are available. They operate in the cloud and make it easy to maintain control of your data protection and cyber security.
Cloud services are also well suited to SMEs because they’re scalable, so companies can increase or decrease their storage and memory immediately without having to lay out on capex.
As we all know from 2020 work-from-home scenarios, cloud services provide complete flexibility, with apps and files accessible from anywhere, and data is not held on the devices but in the cloud, so it’s safe from loss or damage. Apps and operating software also can’t be left to go out of date because patching and upgrades happen at source and are executed to all devices at once by the provider.
So, although the reports show small and medium-size companies to be the most vulnerable, they have access to highly effective solutions that minimise the growing risk of cyber attack.
Chat to us about cyber security to suit your company, or sign up for a free cyber security trial.
Do you have proper data protection in place?
New all-in-one cyber security and backup product gives more peace of mind