Despite a common belief among small businesses that they are too small to be targeted by cybercriminals, they actually represent a significant proportion of those that fall victim to cyber crime each year.
In 2023, a total of 11% of businesses and 8% of charities have experienced cyber crime, rising to 26% of medium businesses, 37% of large businesses and 25% of high-income charities.
And despite the fact that 46% of all cyber breaches impacting businesses with fewer than 1,000 employees, only 22% of small businesses increased their cybersecurity spending in 2021.
Unfortunately that situation is only likely to get worse. SMEs operate in complex digital environments that are ripe for cyber crime. And with attacks evolving and becoming more sophisticated, it’s worth double down on your defences and getting a handle on your threats.
Here’s what the industry thinks could happen in 2024:
More data breaches: There is an expected overall increase in cybersecurity attacks and data breaches. This rise is partly due to the fast pace of digital transformation and the increasing sophistication of cyber threats. Keeping data secure is cybersecurity 101 – if you do nothing else, keep your data water tight.
AI gets weaponised: Large Language Models (LLMs) like ChatGPT and Bard are capable of analysing unstructured data from emails, documents and files. That means they can be used to create highly sophisticated phishing attacks via email, SMS or with fraudulent content. These will be harder to detect because AI produces decent quality copy – unlike the typo ridden efforts you’re used to.
Social engineering gets smarter: According to a report in Forbes, social engineering attacks that involve tricking users into giving attackers access to systems are increasing in sophistication. Tools such as ChatGPT enable more attackers to make smarter, more personalised approaches. Expect deepfake attacks to become more common.
Ransomware remains a problem: Research from the Trellix Advanced Research Center said that in 2024, ransomware would remain a threat because of the growing complexity of digital environments.
John Fokker, Head of Threat Intelligence at Trellix Advanced Research Center said: “Cybercriminals from ransomware families to nation-state actors are getting smarter, quicker, and more coordinated in retooling their tactics to follow new schemes — and we don’t anticipate that changing in 2024.”
IoT as a weak point: With more devices connected there’s way more access points for cybercriminals. And as more workers choose to work remotely, the risks posed by users sharing data or connecting over insecure networks or devices will be a massive threat. Given that there aren’t any proper standards for IoT security this is a big vulnerability and one that cyber criminals are looking to exploit.
With the evolving digital landscape, the threat of cybercrime is escalating, particularly for SMEs operating in complex digital environments. The forecast for 2024 suggests a rise in data breaches, AI joining the dark side and persistent ransomware threats, among other threats. It underscores the need to take cybersecurity seriously and to ensure that it’s on-point all year round.
Worried you’re at risk? Don’t wait to find out. Drop us a line today.