Small and medium businesses (SMBs), one of the fastest growing segments in India, need to take a more proactive approach to cyber security, according to experts at leading cyber security firms.
According to these experts, SMBs are as vulnerable as large enterprises but often lack the resources to tackle an attack or absorb the losses.
A study on cloud security by Ovum Asia-Pacific, points out that SMBs in India with more than 200 employees are not prepared for cloud-related cyber security threats and assume that public clouds are secure by default.
Another study released by Sophos revealed that 66% of Indian business decision makers lack cyber security awareness and expertise as major challenges.
“SMBs often assume that their comparatively small size leaves them at a lesser risk from cyber attack, as a result of which many don’t invest in adequate training and solutions," said Rajesh Maurya, regional vice president, India & SAARC, Fortinet, an integrated and automated cyber security solutions firm.
According to a 2019 study by Ponemon Institute, 66% of SMBs globally reported a cyberattack within the past 12 months. The report also suggests that the cost of damages caused by a cyberattack outweighs the cost of investing in solutions to prevent it.
SMBs typically face cyber threats such as ransomware, data breach, and point-of-sale (PoS) malware. Ransomware, a malware that typically blocks a user from accessing his system or files until a ransom is paid, is common among SMBs that “often provide an easier target for cybercriminals, while potentially having enough resources to pay the ransom," said Nilesh Jain, vice president, Southeast Asia & India, Trend Micro.
“The limited ability of SMBs to address a data breach makes it a major problem for these organizations. And, given the lack of resources and manpower, SMBs might not regularly check their PoS devices for compromise," Jain said.
Experts believe SMBs must proactively turn to artificial intelligence (AI)-based cloud security solutions that help them with predictive security threat analysis and redressal.
“The cyber security industry is increasingly relying on AI and its subset, machine learning, to defend against threats as AI provides real time, zero-hour detection of new threats and protection against the broad range of threats including spam, ransomware, exploits, and targeted attacks," said Jain.
Given cyber security skills are in shortage, AI can reduce the workload of cyber security analysts by intelligently automating the manual tasks and prioritising the risk areas for attention, said Anil Bhasin, regional vice president, India & SAARC, Palo Alto Networks. “This helps in redirecting human efforts towards higher-value activities."
While cyber security is a constant challenge, the covid-19 pandemic has surely given an edge to cyber criminals trying to exploit people’s fears. “The most common and widely seen crime is by conducting email scams, phishing and ransomware attacks. These emails and messages entice users to open malicious attachments by offering more information related to covid-19 but contain malicious files masked under the guise of links, PDF, mp4 or docx files," said Bhasin.
The covid-19 crisis has certainly shone a torch on the importance of cyber security, said Sunil Sharma, managing director sales, Sophos India & SAARC.
“With more employees working from home coupled with phishing scams using the pandemic as a hook, organisations need to be more diligent than ever in keeping their employees and business safe from cyber attacks," Sharma said.
Catch all the Business News , Corporate news , Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
MoreLess