This websites uses cookies, by continuing to browse the site you are agreeing to our use of cookies. View our privacy policy.

020 7205 2211

0117 924 4408


SMEs have become the new soft target for hackers

For many years, small businesses were safe from sophisticated cyberattacks.  Limited financial resources and obscure nature of their brands have always worked in favour of SMEs to keep off cyberpunks. Not anymore.

Today, if you make money, you have a target on your back. Small and Medium sized business have become more lucrative targets for hackers. This is so because cybercriminals know that SMEs have lesser resources to protect themselves than large enterprises.

According to experts, the trend of SMEs getting hacked rose threefold in 2012 from the previous year. Going forward, 60% of the cyber-attacks reported today targets SMEs. To elaborate how common this is, a panel of cyber experts (attending the “Hacked: The Realities of a Cyber Event” in Washington, D.C., USA) said that one in two companies has reported being a target of hackers.

Why always me?

The soft target point of hackers targeting SMEs is the phrase “Bring Your Own Device” (BYOD). This is a growing trend of employees bringing their own computers and other networked devices to work and using them both for private activities and work related activities. As much as BOYD is cutting costs, in the form of equipment purchase, it creates a variety of security risks to the business owner.



The following are the five weak points for small and medium enterprises

  • Lack of a threat detection system – this is a system that is meant to raise an alarm in case of a potential breach or threat. It is important to attach someone to monitor the company’s system and respond immediately when a threat is detected.
  • Open source and free software – Some free software makes your data more vulnerable. Before using any free software, research on the risks it poses to your company
  • Data encryption – encrypting the computer storage, especially the BYODs, can render a breach useless. But a sticky note with the decryption key can burn that bridge down.
  • Vendor mismanagement – Some vendors mismanage the data entrusted to them and thus endangering the whole. The key is choosing a reputable vendor to deal with.
  • Software updates and patches – keeping software up to date and applying official patches to security software… this should be basic


So how do you protect yourself from the growing threat of hackers?

Besides the five weak points mentioned, the first step in protecting yourself is to be cognizant of the risks your company faces. Depending on your line of business, and putting yourself on a hackers shoe, you can be in a position to isolate “assets of interests” to hackers and potential avenues that hackers can access them. Most of the breaches occur when employees ignore security protocol like secure passwords, email scams, etc. Ensure to draft a plan to mitigate such risks should they occur.

Second, you will want to increase your budget on online security depending on how valuable your data is important to your business.  You don’t need to break the back to implement a successful system. Remember like earlier mentioned, a sticky note with a password reminder can undo the benefits of an expensive security system.

Bring your employee on board. Teach your employees how to create a strong password, protect their devices from theft, etc. Hackers love to work their way out from the inside. Stealing employee credentials may allow hackers to disguise themselves as legitimate business partners and clients. And again, not all threats are external. A disgruntled former employee can pose more harm than a professional hacker!


With cyber-attacks becoming more of “when” rather than “what if”, you will need to have action plans when the inevitable happens…. Over half of the SMEs who have been breached are pushed out of business within six months.

10 March 2016

logo-aprc logo-team