The Resilience of SME Businesses to Cybersecurity Threats
With these ongoing cyber challenges in mind, the World Economic Forum’s Cybersecurity Center has published the Global Cybersecurity Outlook 2022 report, which contains predictions and critical insights from over 120 experts around the world. What are their main conclusions, concerns, and forecasts? Let’s find out!
Closing Gaps in Cybersecurity
The WEF study identified three major gaps in perception between security-focused executives (data security specialists) and business leaders (CEOs). These differences are most noticeable in the following areas:
1) Support of the cybersecurity measures by CEOs
84% of respondents say that security measures are considered a priority in their companies only under the support and guidance from top management, however, fewer respondents (68%) consider cyber resilience as a key part of overall risk management. As a result, many cybersecurity specialists continue to claim they are not consulted in making business decisions, which can make it difficult to identify and mitigate security risks and lead to less secure decisions. For example, when it comes to massive export mac mail to outlook, little attention is paid to the selection of secure software.
2) Priority of cybernetic solutions in the business
While 92% of business leaders surveyed believe that decent cybersecurity measures are integrated into the risk management strategies of their companies, only 55% of the responsible executives surveyed agree with them.
3) Hiring and retaining talented cybersecurity professionals
The WEF study showed that 59% of all respondents find it difficult to adequately respond to security incidents due to the lack of qualified specialists in their team. While a majority of respondents cited recruiting and retaining talented employees as the biggest challenge, CEOs don’t seem to be as aware of these issues as their security colleagues. They consider their ability to respond to an attack one of their main vulnerabilities.
4) The increasing ransomware threat
The report confirms that ransomware attacks are the focus of attention of cybersecurity employees. Over 50% of respondents said ransomware is among their largest concerns when it comes to cyber threats. In addition, 80% emphasized that this type of attack is a danger to public security. They are becoming more frequent and more sophisticated, followed by social engineering attacks – the 2nd largest concern for cybersecurity experts.
5) The malicious activity of insiders
It often happens that a certain organization is exposed to malicious insider activity, coming from current or former employees, contractors, or unreliable business partners who abuse their authorized access to critical information.
WEF research shows that small and medium business (SME) cyber resilience is considered a serious threat to supplying goods, partnerships, and business processes. In this survey, 88% of participants indicated that they are concerned about the cyber resilience of SMEs in their ecosystem. In addition, nearly half (48%) of participants think that AI and machine learning will bring the biggest change to cybersecurity in the following years. Indeed, these technological developments will almost certainly affect the already existing imbalance between attackers and defenders.