• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Facebook
  • Instagram
  • LinkedIn
  • TikTok
  • Twitter
  • YouTube
CDE Almería – Centro de Documentación Europea – Universidad de Almería

CDE Almería - Centro de Documentación Europea - Universidad de Almería

Centro de Documentación Europea de la Universidad de Almería

  • HOME
  • WHAT´S ON
    • EU BULLETINS
    • EU NEWS
    • Activities
    • EU Calls and Awards
    • Radio Program «Europe with You»
  • DOCUMENTATION
    • Bibliographic Collection
      • Almería EDC Digital Collection
      • UNIVERSITY OF ALMERIA LIBRARY
    • Documentation by topic
    • EU Media Collection
      • Web Space
      • MEDIATHEQUE REPOSITORY
  • Europe on the net
    • Institutions
    • EU Representation in Spain
    • European information network of Andalusia
    • EU official journal
  • ABOUT US
    • Presentation
    • People
    • Contact
  • English
  • Spanish

Phishing most common Cyber Incident faced by SMEs

Inicio » EU News » Defence & Security » Cybersecurity » Phishing most common Cyber Incident faced by SMEs

6 de July de 2021

The European Union Agency for Cybersecurity identifies the cybersecurity challenges SMEs face today and issues recommendations.

Small and medium-sized enterprises (SMEs) are considered to be the backbone of Europe’s economy. 25 millions of SMEs are active today in the European Union and employ more than 100 million workers.

The report Cybersecurity for SMEs ENISA issues today provides advice for SMEs to successfully cope with cybersecurity challenges, particularly those resulting from the COVID-19 pandemic. With the current crisis, traditional businesses had to resort to technologies such as QR codes or contactless payments they had never used before. Although SMEs have turned to such new technologies to maintain their business, they often failed to increase their security in relation to these new systems. Research and real-life experience show that well prepared organisations deal with cyber incidents in a much more efficient way than those failing to plan or lacking the capabilities they need to address cyber threats correctly.

Juhan Lepassaar, EU Agency for Cybersecurity Executive Director said: “SMEs cybersecurity and support is at the forefront of the EU’s cybersecurity strategy for the digital decade and the Agency is fully dedicated to support the SME community in improving their resilience to successfully transform digitally.”

In addition to the report, ENISA also publishes today the Cybersecurity Guide for SMEs: “12 steps to securing your business”. The short cybersecurity guide provides SMEs with practical high-level actions to better secure their systems, hence their businesses.

Based on an extended desktop research, an extensive survey and targeted interviews, the report identifies those pre-existing cybersecurity challenges worsened by the impact of the pandemic crisis.

Key findings

85% of the SMEs surveyed agree that cybersecurity issues would have a serious detrimental impact on their businesses with 57% saying they would most likely go out of business. Out of almost 250 SMEs surveyed, 36% reported that they had experienced an incident in the last 5 years. Nonetheless, cyberattacks are still not considered as a major risk for a large number of SMEs and a belief remains that cyber incidents are only targeting larger organisations.

However, the study reveals that phishing attacks are among the most common cyber incidents SMEs are likely to be exposed to, in addition to ransomware attacks, stolen laptops, and Chief Executive Officer (CEO) frauds. For instance, with the concerns induced by the pandemic, cyber criminals seek to compromise accounts using phishing emails with Covid-19 as a subject. CEO frauds are other decoys meant to lure an employee into acting upon the instructions of a fraudulent email displayed as if sent from their CEO, and usually requesting a payment to be performed in urgency under business-like circumstances.

The report unveils the following challenges SMEs are faced with:

  • Low awareness of cyber threats;
  • Inadequate protection for critical and sensitive information;
  • Lack of budget to cover costs incurred for implementing cybersecurity measures;
  • Availability of ICT cybersecurity expertise and personnel;
  • Absence of suitable guidelines tailored to the SMEs sector;
  • Moving online;
  • Low management support.

How to address those challenges?

The recommendations issued fall into three categories:

  • People

People play an essential role in the cybersecurity ecosystem. The report draws attention to the importance of responsibility, employee buy-in and awareness, cybersecurity training and cybersecurity policies as well as third party management in relation to confidential and/or sensitive information.

  • Processes

Monitoring internal business processes include performing audits, incident planning and response, passwords, software patches and data protection.

  • Technical

At the technical level, a number of aspects should be considered in relation to network security, anti-virus, encryption, security monitoring, physical security and the securing of backups.

Target audience

The report intends to deliver actionable guidance to the owners and employees of SMEs. In addition, this work can be of use to other entities involved in the SME ecosystem, such as SMEs national and European associations, policymakers and implementers, SME ICT providers and others.

Background

For nearly 15 years, the EU Agency for Cybersecurity has been pushing forward cybersecurity initiatives to assist SMEs to integrate cybersecurity into their digital environments. Starting in 2006 and 2007, the Agency published two Information Package for SMEs reports, providing risk assessment and management methodologies for SMEs. In 2010, the Agency published the Business Continuity for SMEs report to help facilitate IT knowledge transfer to SMEs. In 2015, the Cloud Security Guide for SMEs report was released to assist SMEs understand the security risks and opportunities regarding cloud services. Two years later, the Agency published the Guidelines for SMEs on the security of personal data processing.

The EU Agency for Cybersecurity released last year a series of tips to help businesses face the rapidly changing digital sphere during the pandemic: Tips for selecting and using online communication tools; Tips for cybersecurity when buying and selling online; Tips for cybersecurity when working from home; Top ten cyber hygiene tips for SMEs during COVID-19 pandemic. The EU Agency for Cybersecurity and the National Cyber Security Alliance published a joint checklist for SME in November 2020, offering businesses on both sides of the Atlantic a basic guide to maintaining digital security.

Further Information

ENISA

Publicaciones relacionadas:

Latest cyber-attacks on the EU Telecom & Trust Services Incidents in 2020 seguridad-protección-ciberseguridadCommission strengthens cybersecurity of wireless devices and products International sting against dark web vendors leads to 179 arrests Radicalisation in the EU: what is it? How can it be prevented?

“This is a space for debate. All comments, for or against publication, that are respectful and do not contain expressions that are discriminatory, defamatory or contrary to current legislation will be published”.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Publicaciones relacionadas


Latest cyber-attacks on the EU


Telecom & Trust Services Incidents in 2020


seguridad-protección-ciberseguridadCommission strengthens cybersecurity of wireless devices and products


International sting against dark web vendors leads to 179 arrests


Radicalisation in the EU: what is it? How can it be prevented?

Footer

Logotipo en negativo del Centro de Documentación Europea de Almería
  • CDE Almería
  • Edificio Parque Científico-Tecnológico (Pita)
  • Planta: 1ª, Despacho: 2904120.
  • Ctra. Sacramento s/n. Almería (Spain)
  • Teléfono: (+34) 950 015266

HOME
NEWS
DOCUMENTATION
EUROPE ON THE NET
ABOUT US

  • LEGAL NOTICE
  • PRIVACY POLICY
  • COOKIE POLICY
  • ACCESSIBILITY
  • SITEMAP

Copyright © 2023 CDE Almería · Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

<p>El Centro de Documentación Europea de la Universidad de Almería utiliza cookies propias y de terceros para facilitar al usuario la navegación en su página Web y el acceso a los distintos contenidos alojados en la misma. Asimismo, se utilizan cookies analíticas de terceros para medir la interacción de los usuarios con el sitio Web. Pinche el siguiente enlace si desea información sobre el uso de cookies y como deshabilitarlas. ajustes</p>

Politica de privacidad

El Centro de Documentación Europea de la Universidad de Almería utiliza cookies propias y de terceros para facilitar al usuario la navegación en su página Web y el acceso a los distintos contenidos alojados en la misma. Asimismo, se utilizan cookies analíticas de terceros para medir la interacción de los usuarios con el sitio Web. Pinche el siguiente enlace si desea información sobre el uso de cookies y como deshabilitarlas. <a href="/politica-de-cookies" rel="noopener" target="_blank">Más información</a>

Cookies estrictamente necesarias

Las cookies estrictamente necesarias tiene que activarse siempre para que podamos guardar tus preferencias de ajustes de cookies.

Básicamente la web no funcionara bien si no las activas.

Estas cookies son:

  • Comprobación de inicio de sesión.
  • Cookies de seguridad.
  • Aceptación/rechazo previo de cookies.

Si desactivas esta cookie no podremos guardar tus preferencias. Esto significa que cada vez que visites esta web tendrás que activar o desactivar las cookies de nuevo.

Cookies de terceros

Esta web utiliza Google Analytics, Google Tag Manager y Yandex Metrika para recopilar información anónima tal como el número de visitantes del sitio, o las páginas más populares.

Dejar estas cookies activas nos permite mejorar nuestra web.

¡Por favor, activa primero las cookies estrictamente necesarias para que podamos guardar tus preferencias!

Política de cookies

Pinche el siguiente enlace si desea información sobre el uso de cookies y como deshabilitarlas. Más información