14.10.2024 Law in media
Illusory Security. Small and Medium Enterprises Easy Targets for Cybercrime
KF
35% of micro, small, and medium enterprises (SMEs) fear the theft of their employees' personal data. This comes from research conducted on behalf of ChronPESEL.pl and the National Debt Register of Poland.
Poczytaj artykuł
w wydaniu polskim
illustration: bing.com/createThe main reason for these fears is the increasing number of cyberattacks and the fact that these companies process large amounts of personal data, making them an attractive target for criminals.
Where Do These Fears Come From?
- 59% of companies point to frequent, successful cybercriminal attacks as a cause for concern.
- 29% highlight the processing of large amounts of personal data.
- 26% believe they are an attractive target for data thieves.
At the same time, as many as 65% of entrepreneurs claim they are not worried about data theft. The primary reason given is good computer security (50%). Some companies believe they do not process a large amount of personal data (39%) or that they are not an attractive target for hackers (35%).
Attractiveness of SMEs for Hackers
In Poland, the SME sector employs 7.3 million workers, providing hackers with just as many potential victims. The vast majority of these companies (83%) store personal data in digital form, and 50% exclusively in electronic form. This data includes names, surnames, PESEL numbers, phone numbers, and addresses. Meanwhile, 38% of micro-enterprises store employee data on the owner`s computer, while medium enterprises do so on accounting computers (44%).
It is surprising that 90% of companies in the SME sector declare that they properly protect their employees` data. The most confident are small (55%) and micro-enterprises (54%), which claim to have effective security measures. However, as many as 65% of the smallest companies do not regularly update their antivirus software. Medium enterprises also do not fare much better, as 44% of them neglect this basic principle of cybersecurity.
Data Protection Methods
Most companies in the SME sector secure their data using traditional methods:
- 51% limit access to documents only to authorized persons,
- 40% secure files with passwords,
- 36% have alarms or anti-burglary doors,
- 35% install up-to-date versions of antivirus programs.
Less popular methods include storing paper documents in safes (28%) and using remote locking in case external drives are lost (26%). The least frequently used methods involve default blocking of USB ports (19%) and requiring employees to regularly change their passwords (21%).
Experts warn that the lack of regular updates to antivirus software exposes companies to risk. Kamil Sztandera from ChronPESEL.pl, quoted by Newseria Biznes, notes that this illusory sense of security leads to underestimating threats, and SMEs may become easy prey for cybercriminals.
COMMERCIAL BREAK
New articles in section Law in media
SEO Poisoning. Hackers Use Search Engines to Target Businesses
Piotr Rozmiarek
Search engines help us quickly find information, but they can also be used by cybercriminals. SEO poisoning is a tactic where attackers manipulate search engine rankings to place harmful websites at the top of search results.
Phishing in the Cryptocurrency Industry. Fake Recruitments Steal Data
Piotr Rozmiarek
Security researchers have detected a social engineering campaign targeting job seekers in the Web3 industry. The attack aims to conduct fake job interviews via a meeting application that installs information-stealing malware.
SLAPP Lawsuits in Europe. How Journalists and Activists Are Silenced
Krzysztof Fiedorek
The number of strategic lawsuits aimed at intimidating journalists, activists, and civil society organizations is increasing in Europe. According to the CASE SLAPPs Report 2024, as many as 1,049 such cases were identified between 2010 and 2023.
See articles on a similar topic:
Local Media in Poland - Freedom of Speech
Bartłomiej Dwornik
Abuse of freedom of speech is as common as imposing muzzles on journalists. Although the Press Law and the Constitution guarantee this fundamental freedom to everyone.
Cyber Attack on a Corporate Smartphone. How to Protect Yourself
KrzysztoF
Internet-connected mobile devices are an attractive target for cybercriminals. The key to protecting sensitive business data is employee awareness, hardware solutions, and appropriate software. This mini-guide provides a quick overview of how to protect each of these areas.
Big Data in Poland. Companies Lack Ideas for Data Utilization
KF
Only 11 to 16 percent of domestic companies report using Big Data solutions, according to a survey by OVH and Intel. Among companies that have not yet used Big Data, only 2 percent plan to adopt this technology this year. Meanwhile, nearly all large and small companies admit to collecting customer data.
Cyber Threats 2023: Phishing Dominates, AI Targeted
Krzysztof Fiedorek
The CERT Orange Polska 2023 report reveals a rapidly evolving cyber threat landscape. Phishing has taken a decisive lead, accounting for over 44% of reported incidents. Advanced social engineering techniques, deepfakes, and a surge in malicious ads lure users with promises of quick profits or easy opportunities.
