MIT Technology Review Report Measures the Existential Threat Cybersecurity Attacks Pose for SMEs


MIT Technology Review Report Measures the Existential Threat Cybersecurity Attacks Pose for SMEs

By Tracey E. Schelmetic

Many small to medium-sized enterprises (SMEs) operate under the incorrect belief that they are too small and insignificant to attract cybersecurity attacks. Unfortunately, this is not the case, and such attacks are on the rise. According to one cross-industry study, midsize companies were almost 500 percent more likely to be targeted by the end of 2021 than two years ago. Smaller organizations are viewed as easier targets, as the largest enterprises have significantly stepped up their security in recent years. One major problem for smaller companies is that a single attack could pose an existential crisis and literally put them out of business.

A newly released report by MIT Technology Review Insights explores why cybersecurity attacks pose an existential risk to small and midsize enterprises (SMEs) and how they can plan for disaster recovery in case of an attack.

Disaster recovery plans are a critical element of business continuity plans, which all SMEs should have in place. While business continuity focuses on overall strategy, including policies and procedures for recovery following an incident, disaster recovery focuses on IT infrastructure, data, and applications. A well-crafted disaster recovery plan includes clear definitions of recovery time objective (RTO) and recovery point objective (RPO).

"Today's data is generated and distributed across highly complex ecosystems—multicloud, hybrid cloud, edge, and internet of things," says Kwee Chuan Yeo, editor of the report. "Enterprises' surface exposure to risks has ballooned. It's not just big corporations that are at risk. Smaller, less sophisticated companies are easier targets due to their lack of resources and expertise."

But, it’s not all gloom and doom, despite the growth of cyber attacks in both volume and sophistication. Businesses can minimize the impact of an attack by implementing a well-designed disaster recovery plan that includes data backups and replication solutions.

Of course, good cybersecurity solutions are also critical, along with ongoing workforce training and education to reduce human error that leads to successful attacks. Collectively, these elements can help businesses limit the damage and downtime an attack causes and, for smaller companies, may even help keep them in business.

Edited by Erik Linask

MSPToday Contributor

Related Articles

Cyberattack Protection, Detection, and Recovery with SaaS

By: Greg Tavarez    11/23/2022

DataHawk from Cohesity is a data security SaaS solution that helps customers protect, detect and recover from cyberattacks and ransomware attacks.

Read More

Cloud Marketplace Innovator Pax8 Ranks 131 on the Deloitte Technology Fast 500

By: Juhi Fadia    11/23/2022

Pax8 has been named in the Deloitte Technology Fast 500 among the fastest-growing technology, media, telecommunications, life sciences, fintech, and e…

Read More

Arizona Department of Homeland Security Picks Tanium for Cybersecurity

By: Stefania Viscusi    11/22/2022

With a new, state-of-the-art cybersecurity solution from Tanium, AZDOHS is able to better share key information in real time, creating a stronger secu…

Read More

IT Teams Fall Short in Microsoft 365 Security Protections

By: Greg Tavarez    11/21/2022

A surprising number of enterprises have major gaps in the Microsoft security policies and practices, leading to unnecessary risks.

Read More

Phishing Attacks Sprout from Unexpected Places

By: Greg Tavarez    11/21/2022

Users more frequently click on phishing links that arrive through other channels, including personal websites and blogs, social media, and search engi…

Read More