Irish SMEs at risk of online security breaches

The latest Cisco annual security report warns that small businesses across the country face a genuine threat of cyber-attacks, caused by ageing infrastructure, the growing industrialisation of hacking and SMEs’ inability to manage their online security systems.

The major survey suggests small firms are less confident in their ability to deal with online security threats but are more aware than ever of the importance of being able to do so.

John N. Stewart, chief security and trust officer, Cisco, said: “The ability to recognise and respond to security threats becoming a business imperative has certainly shown itself to be an important finding.

“Attackers have become much bolder and more co-ordinated.

“They’re sharing information; they’re moving and innovating very rapidly and then remaining incredibly flexible and almost annoyingly resilient because we’re watching the malicious actor teams actually embracing legitimate techniques like strong infrastructure, the use of virtual hosting – almost IT teams that would be running any other business critical service if it were legitimate in order to launch their campaigns.”

Less than half of small firms surveyed for the report said they were confident they could adequately deal with an online security attack and determine its scope and level of threat.

Between 2014 and 2015, the number of organisations with up-to-date infrastructure fell by 10 per cent, with weak SME infrastructures globally becoming a potential threat to bigger firms that do business with SMEs.

Some estimates place the average cost of online security to Irish companies at €240,000 each year.

Other common online security weaknesses include the production of malicious browser extensions that are run across business and personal devices.

While browser extensions were previously viewed as a low-risk issue to SMEs, the latest Cisco report identifies these as potential sources of critical data leaks.

Last updated: 1st February 2016