It may be easy to believe that cybercriminals only prey on the big companies of this world.
Posted at 11:00 a.m.
The examples are numerous and have even multiplied lately: major data theft at Bell Canada, leak of confidential information at BRP, and if we go back over the years, you are aware that La Capitale Insurance, Desjardins and the STM, like many others, have not been able to escape these risks.
If the picture painted is enough to make believe that the stakes are enormous and only concern large companies, it is quite different since, with supporting evidence, cybersecurity concerns everyone! No company, whatever its size, is no exception.
With that in mind, I now challenge you to name one attack on a small business that has stuck in your mind… Chances are no example comes to mind. It’s no wonder: this is an invisible crime, there are no broken windows, no missing equipment, no police cars parked in front of the business or media making the headlines. If everything went unnoticed, the victims are not lacking. Many of them are even forced into bankruptcy.
In 2020, Statistics Canada estimated that 21% of businesses here had been victims of cyberattacks, of which 18% were small businesses with 10 to 40 employees and 29% SMEs with 50 to 249 employees.
Since then, the pandemic, along with the rapid technological shift it has involved and the hasty reorganization to pursue teleworking activities, has certainly contributed to an exponential increase in threats and malicious attacks targeting SMEs here which, let’s say very clearly, are not only less equipped to deal with it, but also more at risk of serious damage that could impact your money and your reputation.
For cybercriminals, SMBs are the perfect victims. As with physical thefts, fiction leads us to believe that criminals only have grand plans as with The casa de papelwhen in reality they prefer to steal from convenience stores: simpler, faster and less risky for them, which could go under the radar.
Very often, moreover, there is no department or head of technology within their teams, nor an information security manager. In a portrait of cybersecurity among Quebec SMEs recently, we even learn that less than a quarter have implemented all four basic protection measures, namely: password manager, two-factor authentication, training in cybersecurity and frequent security audit.
Cybercriminals also know it very well: the cost and resources associated with cybersecurity mean that most companies do not hesitate to take an ill-calculated risk.
The war against SMEs is silent, but not without victims. The consequences can be serious and sometimes even fatal. If the portrait may seem very dark, we must not succumb to fatalism. It is possible to counterattack and protect yourself. Prevention is better than cure. There are suitable and effective solutions for SMEs to reduce the risk to a strict minimum.
A company that takes cybersecurity seriously sends a strong message to cybercriminals: if you target us, it won’t be easy.
Free advice for SMEs: don’t be passive. Don’t rely on luck, take action and protect what you’ve worked so hard for.
To ensure the country’s prosperity, Quebec needs the economic contribution of its SMEs.