Close×

Cameron Research, a marketing research company in Victoria, has recently highlighted a real concern in the way that small businesses are “oblivious” to cyber security. Over the past two years, COVID has helped, if not pushed, small businesses well out of their technological comfort zone and they have, for the most part, embraced it. “The SME markets have probably implemented five to seven years of tech change-innovation in two,” said Cameron. Even the luddites of the group have seen the progress that technology can bring to their organisation and have steadily moved forward with it.

Cyber security, however, is something that SMEs have left for the bigger fish to take ownership of. Cameron explains, “There has been a stunning lack of development in their thinking and approach to cyber security. One may have expected quite the opposite – that is, with a greater awareness and usage of tech – not to mention the cyber security issues that accompany a distributed workforce – it would seem common sense that business owners would become more alert to cyber issues. They haven’t.”

There are probably a few reasons for this. Some are relying on ‘built-in security’ and keeping their heads in the sand regarding anything more that might be required to keep their business safe. Many are unclear on who’s responsibility it is if there is a breach of security on one of their systems like ‘the cloud’ or their banking app. They think that it is their supplier that is at risk. Some know that they need to do something but either don’t know where to start, or just don’t make it a priority. They’re crossing their fingers and hoping for the best while they put other things first that appear to be more urgent.

Cameron Research notes that there are a small group of SMEs who have always been ahead of the game with technology and those businesses are different. Technology is part of their thinking and cyber security is part of that, but these businesses are far from the norm.

In contrast to small business, medium businesses (say, 10m+) see cyber security as their responsibility. The difference in size seems to translate to feeling a lot more vulnerable and a lot more accountable. They feel like they can’t afford to downplay the potential devastation of cyber threats to an organisation and either school up on or outsource cyber protection.

Unfortunately, cyber attackers appear indifferent to the size of the business they target. For a small business, one small breach could prove fatal. Hopefully we will see more small business making time for this important part of their business’ future with an opportunity for trainers and brokers to approach them with information and guidance on cyber awareness and the best way forward for their security.

comments powered by Disqus