Cyber skills and investment lacking among Europe's SMEs

A lack of IT expertise within SMEs, along with a reduction in investment in cyber resilience have led to a significant increase in cyber security risk and vulnerabilities, according to a poll conducted by Infosecurity Europe.

This year’s COVID-related surge in remote workers was found to be the second most significant stumbling block for smaller businesses, according to the security event’s Twitter poll.

The impacts felt by small businesses across the UK as a result of the coronavirus pandemic are estimated to be six times larger than they were during the 2008 recession, according to analysis undertaken by the Centre for Economic Business Research.

Infosecurity Europe’s poll set out to find out how SMBs are managing to build and invest in cyber resilience – their ability to prepare for, respond to and recover from cyberattacks – and the obstacles they face.

“The rapid pivot to remote working was – and continues to be – a huge challenge for SMBs,” says Maxine Holt (pictured), senior research director at Omdia. “These organisations typically don’t have a dedicated cybersecurity function, and it’s part of someone’s job to oversee it. There was a sticking plaster placed over security during the shift to remote working, which isn’t sustainable. Companies must now peel the sticking plaster back, and put longer term security approaches in place.”

A skills deficit is of particular concern as half (49.7%) of poll respondents believe small companies bear primary responsibility for educating and supporting themselves in becoming cyber resilient. This was followed by government bodies (32.3%) and large tech companies (18.1%).

“Government bodies certainly have a role to play in educating and supporting SMBs, such as the NCSC in the UK,” Holt continues. “But protecting the business is the companies’ own responsibility. There are plenty of free resources available, not only from government bodies but also standards bodies, management consultancies, technology vendors, and service providers. This is one way of keeping up with the ever-widening skills gap.”

Drawing 3,649 responses, the Infosecurity Europe Twitter poll was conducted during the week of 16th November 2020. Infosecurity Europe also asked its community of CISOs and analysts for their views on cyber resilience in small businesses.

The topic of cyber resilience forms the basis of the major annual information security event scheduled to take place at Olympia in West London, from 8-10 June 2021.

    Share Story:

Recent Stories

Are property insurers ready for timber
The Structural Timber Association is gearing up to help all stakeholders in the construction supply chain to fully appreciate the advantages of building in timber, how to deliver such projects and most importantly to understand and manage the risks.

The changing face of BC and WAR
The working environment has changed quite dramatically for many over the last six months. With social distancing and the rise of homeworking, it is not just how businesses operate that has changed, but also how they recover. In this podcast we discuss some of the challenges created by the quick shift to home working, why the office may not have seen its last days and how the current environment can impact the ability of a business to recover.