Introduction
The often overlooked yet backbone for the Australian market – is small and medium-sized businesses (SMBs). SMB’s don’t often get spoken about in the media in relation to cybersecurity (perhaps we [KBI.Media] is to blame). But in comes Kelly Sabo, Head of SMB and Mid-Market ANZ at Cisco who shares light on the vulnerabilities and solutions critical for the survival and growth of SMBs in Australia.
A Grim Reality
SMBs face an alarming threat landscape, with an estimated 43% of cyber attacks targeting them. These smaller entities are seen as low-hanging fruit for cybercriminals, often perceived as having limited resources and lower security measures. Sabo elucidates a common misconception among SMB owners who believe they are too small to be targets,
“Many SMBs assume large businesses are more desirable due to more valuable data, but that’s far from the truth,” she noted.
The reality is Stark. SMBs can act as gateways into larger networks and supply chains, offering cybercriminals access to more extensive, more sensitive data. This chain reaction impacts the ‘big players’ and often companies at times overlook the importance and weight SMB’s carry in their supply chain.
Consequences of Complacency
The fallout from a cyber attack can be devastating. Sabo point out that up to 60% of SMBs may go out of business within six months of a cyber attack. This grim statistic underscores the urgency for SMBs to take cybersecurity seriously. Despite this, many SMBs still view cybersecurity as an ‘IT problem’ rather than a comprehensive business issue, often lacking incident response plans and a systematic approach to security.
The Illusion of Safety
Mainstream media’s focus on large corporate breaches contributes to SMBs underestimating their vulnerability. The challenge is exacerbated by SMBs’ resource constraints, making it harder for them to adopt little to any security measures that are embraced by larger enterprises. Recognising the growing threat landscape, companies like Cisco are stepping up to support SMBs. Sabo reiterated the necessity for ongoing employee education in cybersecurity, advocating for simplified, tangible training approaches.
“For people, it’s understanding the real cost of what a cyber breach could do to your business.” Adds Sabo. “Training must be consumable, with actionable checklists and short sessions that resonate with employees” she advises.
Actionable Solutions
When it comes to cybersecurity action points, Sabo offers pragmatic advice. She stresses the importance of multi-factor authentication (MFA), highlighting Cisco Duo’s popularity in the SMB space. Other recommendations include email security, web blocking, and performing regular risk assessments.
“Starting with these basics can offer a significant protective layer” Sabo asserts.
Leveraging AI and Managed Services
AI can help automate security tasks, reduce team workloads, and enhance overall security posture. Cisco’s AI solutions provide threat intelligence, automate threat detection, and offer 24/7 protection, a boon for SMBs lacking dedicated security staff. Additionally, many SMBs prefer outsourcing their cybersecurity efforts to managed service providers, who offer scalable solutions tailored to their specific needs.
Digital Transformation and Security
As SMBs drive to be a contestant with larger companies, new online attack vectors emerge. Sabo notes the increased risks for employees working over unsecured Wi-Fi networks compared to protected corporate networks. The digitisation process itself adds layers of complexity to an already overwhelming and complicated cybersecurity market for SMBs.
Budget-Friendly Security
Budget constraints remain a significant hurdle for SMBs. Sabo reassures that effective cybersecurity doesn’t necessitate enterprise-level costs.
“If you’re looking at a service to fit your budget for OPEX modeling, you’re paying the price of a cup of coffee per day. That’s not much in order to protect yourself in terms of what you actually need.” Sabo explains.
Industry Collaboration
Efforts to elevate SMB cybersecurity knowledge are ongoing. Cisco’s collaboration with the Council of Small Business Associations Australia and the use of free educational resources and checklists aim to equip SMBs to strengthen their defenses. Programs like Cisco’s Networking Academy offer practical, accessible security education tailored to SMB needs.