SMEs and security: How to avoid a rock and the hard place nightmare

In addition to the widespread disruption to markets and the very way that we work, 2020 has also seen a sharp spike in cybersecurity threats, as malicious actors have looked to capitalise on the disruption.

With organisations scrambling to enable remote working and moving their workloads to the cloud, security vulnerabilities have proliferated, and according to PwC, in its 2021 Global Digital Trust Insights survey, there has been a 65 per cent increase in cybersecurity incidents in the April-June quarter this year alone.

Cyber attacks will cost the global economy $6 trillion by 2021, and they don't discriminate based on the size of the company that they target; as noted in a report by InnovationAus: "Bad actors aggressively target SMEs because of their low cyber security posture and the valuable supply chain partner access and information they hold.

"It is much easier to steal sensitive data from a small business defence subcontractor than it is from the heavily fortified Defence department."

In addition to being actively targeted by cyber criminals, SMEs are particularly vulnerable to them. Around 60 per cent of SMEs that are victims of cyber attacks do not recover and shut down within six months. The reasons for this are multiple. Raw fines for breaches across the APAC region are significant: Fines in Singapore can reach $1 million, Hong Kong recently issued Cathay Pacific a £500,000 (US$639,600) fine, as the first time it has penalised a data breach, and the Australian government fines for data breaches range from $525,000 to $2.1 million. These kinds of fines represent costs that few SMEs can bear. In addition, there are reputational damages to consider. Research shows that as many as 81 per cent of consumers would stop engaging with a brand online after a data breach, and with digital revenue being more critical than ever to a brand, that loss of customers can be catastrophic to the brand.

Compounding this challenge even further is the skills shortage that Australia is facing in this field. Research suggests that the APAC region is particularly hit with skill shortages, with an estimated 2.14 million unfilled vacancies across the region. So, the kind of resources that SMEs need to manage their security challenges are going to be expensive and competitive into the future.

The silver lining for SMEs is that they are increasingly able to leverage comprehensive security solutions through the cloud, and outsource many of these challenges to proven, reliable technology partners.


Around 60 per cent of SMEs that are victims of cyber attacks do not recover and shut down within six months.

Building holistic technology solutions

Cisco, as a leader in providing communication and collaboration tools via the cloud, is right at the forefront of one of the most common attack vectors for malicious actors in targeting SMEs. With research showing that 86 per cent of organisations are looking to consolidate their vendor portfolio to reduce complexity in the environment, Cisco's comprehensive, all-of-environment solutions help achieve the dual purpose of minimising complexity within the environment and providing SMEs with an enterprise-class security solution.

The Cisco security suite includes:

  • Advanced malware protection
  • Cloud security
  • Email security
  • Endpoint security
  • Multi-factor authentication
  • Next-generation firewalls
  • Network visibility and segmentation
  • Next generation intrusion prevention systems
  • Security management
  • Threat response
  • VPN security clients
  • Web security

This suite is a direct response to the changing needs for security in an environment. Traditionally SMEs have relied on point solutions for security – install a firewall on the network, as well as anti-virus and anti-malware software on PC or mobile devices, and hope that it's enough to protect against intrusion. However, that's ineffective in a modern environment, particularly one that has become as diversified and hyper-connected as the modern IT environment. With more devices connected to the network (from printers right through to security systems), and with employees using personal technology to work (including off-the-shelf modem/routers for the home office), the thinking around security needs to shift from a point solution approach to a whole-of-environment approach.

How SMEs should be thinking about security

The Cisco security suite is called Cisco SecureX, and it is aimed at simplifying the security of the organisation without compromise. It is a technology that Cisco provides to 100 per cent of the Fortune 100, highlighting the robust enterprise nature of the technology, however, it is also highly available to SMEs. Cloud delivery means that CIOs can manage the dispersed environment from any location, and have an instant complete view of the IT environment.

IT security is a growing problem for SMEs – they have never been more prone to attacks, and the cost when it happens is likely to be business-ending. Additionally, events of 2020 have exasperated the security risk, while the long-term IT security skill shortage has never been more extreme in Australia. SMEs need to find trusted partners that can reduce the complexity of their security environment by delivering it over the cloud without compromise to the quality of the coverage.

Find more information via Cisco's enterprise-standard security solutions for SMEs.

Show Comments