Personal Finance

Home » Business » Personal Finance

Ina Opperman

By Ina Opperman

Business Journalist

7 minute read

21 Oct 2023

03:33 pm

Firewall fiasco: Half of SMEs hit by cyber security incident in past year

Safeguarding while advancing: The cyber security study was done in SA, the US, UK, Canada, Spain, Germany, Portugal, Australia and France.

cyber security

Navigating the fast-paced world of cyber security can be overwhelming for SMEs that often lack dedicated IT expertise. Image: iStock

Half of South African SMEs experienced a cyber security incident in the past year, which shows why staying on top of new threats is the biggest cyber challenge facing small and mid-sized businesses.

More than half of SMEs are calling for help to manage these risks, new global research by Sage reveals. The global research was conducted to investigate SMEs’ perceptions of cyber security and the key hurdles they face.

Sage aims to use the study to demystify cyber security and turn it from a daunting challenge to an empowering tool so SMEs can focus on growing their business, developing their teams and providing outstanding customer experiences.

ALSO READ: How to protect your business from cybercrime on a budget

Revelations in SME cyber security research

The research revealed that:

  • 48% of SMEs experienced a cyber security incident in the past year and 25% (one in four) experienced more than one. In South Africa, the most mentioned incident was stolen laptops (28%), with fewer reported ransomware attacks (9%);
  • 70% of SMEs say cyber threats are a major concern but 72% feel confident about managing cyber security and 76% regularly review it; and
  • Staying on top of new threats is the biggest challenge for 51% of the respondents, followed by 45% ensuring that employees know what is expected of them, educating staff about cyber security (44%) and cost (43%).

With cyber threats multiplying, knowing what is important, where to start and overcoming cost barriers is critical for SMEs that want to bolster their cyber resilience, according to Ben Aung, EVP chief risk officer at Sage.

“Navigating the fast-paced world of cyber security can be overwhelming for SMEs that often lack dedicated IT expertise. While our research highlights their genuine concern for cyber security, they seek guidance to comprehend and mitigate risks beyond the misconception of merely relying on firewalls and tools.”

The research also reveals that only four in 10 SMEs discuss cyber security regularly, mostly when something changes or goes wrong internally or with another company.

In terms of size, smaller businesses are less concerned with cyber security, have less knowledge about cyber controls and generally invest less in cyber security.

ALSO READ: These are the top threats small businesses face

Incidents in South Africa

In South Africa, 83% of SMEs expect cyber security companies to do more to educate and support them, while 45% put the onus on governments to act and 50% on trusted tech partners. Over half (69%) of South African SMEs want support with education and training.

South African SMEs are concerned about cyber security and their investment (79%) in cyber controls is among the highest amid the current economic and cost-of-living conditions.

“It is not surprising to see that South African SMEs are concerned about cyber security, as many may lack the required inhouse expertise and we have seen a dramatic increase in local cyber events over the past few years,” said Kevin Thompson, senior cloud operations manager at Sage Africa and Middle East.

“Numerous businesses have suffered from data breaches, forcing them to seek solutions for potential dangers in the future.”

According to the report, SMEs and large corporations use comparable services and infrastructure, which means the assaults they encounter are becoming more similar.

The research findings also highlight that two-thirds of SMEs are prepared to spend more to ensure better cyber security, with 68% saying they would use a more expensive supplier and devote more budget to a company if they had better security and displayed more information about the privacy and security of their products.

ALSO READ: Listen: Four tips to protect your small business against cybercrime

Cybercrime hurdles a constant reality

Lynne Pace, CFO and VP of finance for Danson Construction, says in today’s digital realm, cyber security hurdles are a constant reality for businesses like Danson.

“We face daily data threats, phishing attempts and ransomware attacks. As a small business, juggling protection and growth is a real challenge.

“The cyber world is a puzzle we cannot ignore. Safeguarding while advancing is the name of the game and finding solutions that fit our size is a must. In this journey, a helping hand from tech companies and government support is crucial. With their help, we can navigate this intricate landscape with more confidence.”

Simon Borwick, cyber security partner at PwC UK, says cyber crime is now a real threat to SMEs, irrespective of their scale.

“Their digital presence can turn into a potential weak link within the supply chain. Dependence on major suppliers and government authorities requires collective action. 

“At the same time, tackling this looming challenge also presents a unique opportunity to carve out a distinct competitive edge – enhancing an organisation’s reputation and building trust.” 

Currently, 64% of SMEs use cyber insurance and 74% plan to use it next year.

At the same time, 91% expect their investment in cyber security to either increase or remain the same in the coming year.

ALSO READ: Nine cybersecurity predictions for 2023 that’ll keep business owners up at night

Other cyber security key findings

  • 48% of SMBs experienced an incident in the past year
  • 91% expect cyber security investments to increase or remain the same in the coming year
  • 69% of SMEs say cyber security is part of their culture, but most only discuss when something changes or goes wrong internally
  • 51% say staying on top of new threats is their biggest challenge
  • 19% of SMEs rely solely on basic controls
  • 58% of SMEs back up their data
  • 80% of SMEs have a process in place to manage risks of remote workers
  • 25% of those with a process in place acknowledge not all adhere to it
  • 52% want more support with cyber security education and training
  • 44% say economic uncertainty/cost of living has reduced cyber security budgets
  • 64% of SME use cyber insurance and 74% plan to use it next year.

Cyber security challenges identified, include:

  • 45% – Ensuring employees understand what is expected of them
  • 44% – Educating employees about cybersecurity
  • 43% – Understanding what security is needed.

Read more on these topics

Cybercrime Small and midsize enterprises (SMEs) small business

Catch up with the latest news from The Citizen on WhatsApp by following our channel. Click here to join.

EDITOR'S CHOICE

Elections Cele says anyone that disrupts elections will be dealt with
Elections New poll shows support for ANC close to 40% a month before elections
Politics Bye bye parliament? MK party comrades sent packing weeks before national elections
Local Soccer Mokwena unsure of Sundowns future after Champions League exit
Courts Here’s why Electoral Court overturned IEC’s decision to bar Zuma’s candidacy

Click here to get The Citizen news and updates on Whatsapp.

Find out more

RELATED ARTICLES

Access premium news and stories

Access to the top content, vouchers and other member only benefits

Subscribe