Firms in the cybersecurity sector have been urged to focus some of their attention on small- and medium-sized enterprises (SMEs). Business can be extremely risky for these small companies, with even the slightest knock sending firms into administration; as a result, it is essential that SMEs look to cybersecurity to protect themselves from the rising number of online threats.
The call for more focus on smaller companies comes from the head of a British information assurance firm. Emma Philpott, the IASME Consortium’s chief executive, explained that there has been a lot of priority placed on high-end cyberprotection; however, many smaller firms have missed out. “The approach has to be simple, there must be no cyberspeak, SMEs should not be made to feel bad and the cost must always be as low as possible when engaging with SMEs,” Ms Philpott said. She added that the focus should remain on the positive steps startups and SMEs can take towards protecting themselves.
Many SMEs simply do not bother with cybersecurity, Ms Philpott explained. There are many reasons why this occurs, including the perceived high cost; in addition, many young firms are busy keeping businesses afloat and don’t fully understand the threat of cybercrime to their company. “Another key problem is that SMEs do not hear about other SMEs being breached in cyber-attacks, either because those SMEs targeted attempt to keep it quiet or they simply do not know that they were breached,” Ms Philpott explained.
As part of the efforts to ensure businesses are prepared for potential breaches, the British government created the Cyber Essentials Scheme (CES). Based on previous findings that many companies are breached because they don’t have security controls in place, CES seeks to highlight five easy controls that can be implemented. Once these controls have been rolled out, companies can seek CES certification to help with consumer confidence.
Although CES was rolled out in April 2014, it has been found that SMEs still have very little cybersecurity awareness. IASME has received accreditation applications from 460 firms, with CES accreditation given to 258 firms as a result; in addition, 171 companies have received combined IASME governance and CES accreditation. The majority of those applying have been from micro-organisations, which Ms Philpott says is “brilliant”. More must be done to ensure all SMEs understand the risks of cybercrime, however, and how they can bolster their defences.
Montash is a multi-award winning global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP Recruitment, BI & Data Recruitment, Information Security Recruitment, Enterprise Architecture & Strategy Recruitment , Energy Technology Recruitment, Demand IT and Business Engagement Recruitment, Digital and E-commerce Recruitment, Leadership Talent, Infrastructure and Service Delivery Recruitment, Project and Programme Delivery Recruitment.
Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.