A recent Kaspersky global survey conducted among 1 307 decision-makers in companies with 1 to 999 workers shows that cybersecurity incidents pose almost the same difficulties as a dramatic fall in sales.
Thirteen percent of respondents from small and medium organisations find online attacks the most challenging. Research findings also suggest that the likelihood of facing a cybersecurity incident increases with the number of employees working in the company.
Small and medium-sized companies are great contributors to the global economy: according to the World Trade Organisation, SMBs represent over 90% of all businesses worldwide. At the same time, as the pandemic has shown, these companies can be particularly vulnerable to crises’ negative consequences.
To gain insights into which crises pose the biggest risks to small and medium businesses, Kaspersky interviewed decision-makers from companies with 1 to 999 employees from 13 countries all over the world. Although summarised data indicates cybersecurity incidents are the second-hardest type of crisis, exceeded by dramatic falls in sales, respondents representing medium companies (50 – 999 employees) evaluated both these types of crises as equally complex. Rent issues and introduction of new regulations seem the least challenging for both small and medium businesses.
IT security concerns aren’t unfounded, especially given that the probability of facing a cybersecurity-related problem rises as the company grows. While only 8% of organisations with 1 to 8 employees said they faced an IT security incident, this share increases to 30% among companies with more than 501 workers.
“Today, cybersecurity incidents can happen to businesses of all sizes and significantly affect their operations, profitability and reputation,” says Konstantin Sapronov, head of Global Emergency Response Team at Kaspersky. “However, as our Incident Response analytics report shows, in most cases adversaries use obvious gaps in an organisation’s cybersecurity to gain access to its infrastructure to steal money or data. This fact suggests that basic protective measures, accessible even to small companies, such as a robust password policy, regular updates and employees’ security awareness, if not overlooked, may significantly contribute to the company’s cyber resistance.”