Richard Frost, Armata Cyber Security

Small and medium enterprises (SMEs) are critical to economic growth. According to the World Economic Forum, they make up more than 90% of registered businesses in South Africa and provide employment to over half the labour force. SMEs matter, and they’ve become a target for cybercriminals. Accenture’s annual ‘Cost of Cybercrime’ study shows that nearly 43% of all cyberattacks happen to smaller businesses, yet only about 14% are prepared to face an attack. “The majority of SMEs don’t even think about cybersecurity,” says Richard Frost, head of consulting at Armata Cyber Security. “They mostly feel they aren’t big enough and don’t have enough valuable information people might want to steal, so it doesn’t warrant the investment.”

SMEs face the same cyber challenges as larger enterprises, but often lack the resources to build comparable resilience. Yet SMEs – collectively with small offices/ home offices (SOHO) – are the largest portion of the workforce around the globe, says Steve Flynn, chief sales and marketing officer of ESET Southern Africa. There are gaps. A lack of employee cybersecurity awareness is common. Without training on phishing, ransomware and other common threats, employees can unintentionally put company data at risk. Strong password practices are also often neglected.