Cyber-attacks are a big business, as highlighted by recent headlines of ransomware attacks on the Colonial Pipeline and on the Taiwanese computer manufacturer Acer, which allegedly paid a ransom of £50 million.
According to Harvard Business Review, the total amount of ransom companies paid to hackers grew by 300% over the period of last 12 months – and high-profile victims of cyberattacks are now forking out millions to survive.
It’s easy to see why small and medium businesses (SMBs) may feel that cyberattacks are reserved for large enterprises with sky-high revenues – but this assumption comes at a cost.
With 49% of SMBs impacted each month by cyber-attacks, it’s clear all organisations are targets for cyber criminals. Cyberattacks have evolved in complexity amid the challenges of managing remote or hybrid workforces, meaning it’s now crucial that businesses improve their understanding of cybersecurity and invest in strong backup and disaster recovery solutions.
Artificial Intelligence (AI) and Machine Learning (ML) hold the potential to support resource and time strapped SMBs. By using technology to support cybersecurity, SMBs will be able to improve security, maintain cyber resilience and ensure service availability.
The unexplored potential of AI/ML
Although businesses have accelerated adoption of AI/ML technologies in recent years, understanding the potential of these tools within cybersecurity is crucial for CSOs to maximise their benefits in building secure infrastructure.
According to a report by Carbonite + Webroot, although 95% of UK IT decision makers currently deploy AI and Machine Learning, over half (58%) admit they are unsure of their functionalities and potential. Businesses therefore need to do more to ensure staff are properly educated on how to use these cybersecurity tools effectively to maintain cyber resilience.
AI and ML technology also can help SMBs protect their endpoint data by applying domain name system filtering to stop 88% of threats at the network’s edge — before they ever hit the network or endpoints. These are two key elements of how AI/ML tools can provide an extra layer of security for a business.
SMBs risk high stakes
According to the cybersecurity breaches survey 2021 published by the government, 38% of UK SMBs have reported data being stolen or breached at least once during the year. The average cost of all breaches or attacks identified in the last 12 months – for SMBs alone – was estimated to be £2,600.
Since SMBs often serve larger organisations, cybercriminals may try to use them as a gateway. With minimum IT or security infrastructure in place, SMBs are often not sufficiently equipped to rescue themselves from a cyberattack. Simply put, SMBs cannot afford to recover from the scale of loss due to cyberattacks – often resulting in permanent damage to the business.
By investing in technology equipped with AI and ML, businesses can put efficient and cost effective security infrastructure in place that will help avoid cyber-attacks in the first place, which is often the best approach to cybersecurity.
Organisations must therefore commit to exploring new and creative ways of applying AI/ML technology that focus on helping the human operators that our network security ultimately depends on.
Empowering employees within SMBs
Although recent years have seen an increase in cyberattacks, businesses are yet to realise the risk of not allocating enough budgets to cybersecurity. In fact, only 44% of total cybersecurity budgets last year were spent on tools that use AI and Machine Learning.
That might explain why 39% of the businesses surveyed that suffered a damaging cyberattack in the past year blamed choice of cybersecurity vendor, and 36% blamed employee negligence as the main reason for failing at prevention of the attack.
With 80% of enterprises believing they could be doing more to defend against attacks, it is time to start looking at all the options regarding how technology can intervene – to help improve cyber protection for businesses from all angles.
One of the most effective ways of implementing cyber defences is by empowering employees as the first line of defence. Training and educating employees on how to defend against a cyberattack and what to do in the aftermath of an attack is crucial for all SMBs. Making a conscious choice to invest in tools that will empower employees to make wise cyber secure choices at work will benefit the business.
Amid a lack of cyber resources and expertise, outsourcing to cybersecurity vendors that can provide a holistic cybersecurity strategy for the company is a viable and cost-effective option for SMBs. Deploying subject matter experts, who can help provide data awareness training for employees, and using AI/ML solutions to close the gaps in security infrastructure will help protect against attacks and data loss, paving the long way for business continuity.
Overall, investment in AI/ML technology is vital for ensuring SMBs can thrive in today’s complex security landscape. Seeking support from third-party vendors will help combat issues surrounding limited resources and time by providing advanced cyber technology services that includes training and awareness for employees to enable cyber resilience across the business.