Business, Security, SME

Cybercriminals are shopping for an easy target on Black Friday

Brendyn Lotz

1st November 2024

While cybercriminals will target just about anybody or business, SMEs present an easy target.
An attack costs local businesses around R50 million which would be catastrophic for an SME.
As such SMEs should be aware of the threats they face and deploy measures to protect their data.

When it comes to cybercrime, small businesses are often the most highly impacted by attacks. Locally, a data breach can cost a business R53.10 million on average, a figure that could destroy a small business.

Cybercriminals are constantly looking for new attacks methods and ways to exploit gaps in security. While large enterprises can rest easy knowing a dedicated team is fending off intruders, SMEs don’t have the same luxury.

“The direct financial implications are just one aspect of the damage. What’s often overlooked is the long-term impact on customer relationships and brand reputation. A breach can lead to a loss of confidence from both consumers and business partners, which is often very hard to regain,” explains Faiez Hartley, head of IT at Business Partners Limited.

In addition to reputation and money, there may also be legal implications for a business. Legislation such as the Protection of Personal Information Act (POPIA) puts stringent rules in place for businesses who collect any sort of data. Something as simple as poor password hygiene could end up not only ending in a breach, but fines and potentially even prison time.

“Many SMEs believe they are too small to be targeted by cybercriminals, but this couldn’t be further from the truth,” says Hartley. “No business is too small to be affected. In fact, the smaller the business, the more devastating the impact of a cyberattack can be,” he added.

And criminals are well aware that SMEs are an easy target given that they may not have the expertise available to fend off an attack.

The bad news is that the end and beginning of the year are prime periods of attackers. Thanks to businesses closing for the festive season, there are fewer eyes on systems and criminals can easily enter a network while a business has its guard down. These cybercriminals can sit in a network for months before taking action but when they do, it can be devastating.

“One of the most critical aspects is employee training. Introducing multi-factor authentication instead of just a password and providing regular training sessions that teach staff to recognise phishing attempts and identify suspicious online activity can significantly reduce the risk of human error leading to cyber breaches,” the head of IT explains.

As we head into Black Friday and then the festive season, good cybersecurity as well as disaster response is vital for all businesses. There could be nothing worse than having a landmark trading year only for it to be upended by a cybercriminal that breached your network thanks to having the keys to the kingdom locked behind “password123”.

Cybersecurity Awareness Month may be over, but cybercriminals are only just getting started in their activities and you don’t want to be caught in the crossfire.

About Author

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.