Professional Documents
Culture Documents
Cybersecurity and SMEs
Cybersecurity and SMEs
Cybersecurity and SMEs
1
Cybersecurity in Small and Medium Enterprises
Author Names
SHORT PAPER TITLE 2
Cyber-attacks in Small and Medium Enterprises (SME) have been on the rise for the past
Technology has largely contributed to the rise of cybercrimes perpetrated on these small
enterprises. The reaction of the small business owners to cybersecurity issues has been relatively
low and this has made the SME industry a favourable ground for hackers. SMEs need to
prioritize cybersecurity in their respective companies. Generally, SMEs put little effort into
trying to counter cyber-crimes as most believe that SMEs carry less financial gain for hackers to
be interested in SMEs.
Cyber risk is not a new notion in modern society but many companies, particularly small
and medium-sized enterprises may not be mindful of the actual and devastating impacts of a
cyber-attack. The small and mediums businesses face quite a number of cyber threats and risks.
Gone are the days where cyber-attacks only targeted large cooperates and companies; in today’s
world, any business large or small can be a potential target of a cyber-attack. The reluctant
attitude of small and medium business owners towards cybersecurity has resulted in SMBs being
a top target because they lack comprehensive cybersecurity strategic plans to protect their
Ransomware, phishing, and insider threats continue to top the list of cyber-attacks
targeted on companies and governments. Data leakages have also been on the rise. These are all
potential cyber risks that are likely to cause damage to SMBs. It is therefore of paramount
importance that SMBs prioritize the implementation of cybersecurity control measures to detect,
prevent, and mitigate cyber-attacks. Most of the afore-mentioned cyber-attacks leverage weak
access control systems to gain unauthorized access to internal organizational networks. The first
SHORT PAPER TITLE 3
line of defence hence involves making sure that users are who they say they are and they are
accessing the data that they are authorized only. Multi-Factor Authentication (MFA) is one key
function to ensure that users are who they claim to be. While authentication is the process by
which a computer validates the identity of a user (i.e. username and password), multi-factor
authentication adds a layer of protection and security against one of the most common types of a
n.d.). Multi-factor authentication has evolved as the single most effective control to insulate an
organization against remote attacks and when implemented correctly, can prevent most threat
actors from easily gaining an initial foothold into your organization, even if credentials become
With most employees having to work from home, new attack avenues for cybercriminals
have also surfaced. SMBs must consider secure ways for their employees to access company
resources over secure tunnels. One technology that offers this service is Virtual Private Networks
(VPN). VPN is a private network that operates over a public network transit the encrypted
information so that attackers are not able to use it. The purpose of VPN is to provide the different
security elements such as authenticity, confidentiality, and data integrity(“The Vital Role of
Virtual Private Network (VPN) in Making Secure Connection Over Internet World,” 2020).
SHORT PAPER TITLE 4
References
The Vital Role of Virtual Private Network (VPN) in Making Secure Connection Over Internet
World. (2020). International Journal of Recent Technology and Engineering, 8(6), 2236–
2339. https://doi.org/10.35940/ijrte.f8335.038620
Why Multi-Factor Authentication Is a Must | LBMC Security. (n.d.). Retrieved July 31, 2020,
from https://www.lbmc.com/blog/why-multi-factor-authentication-is-a-must/