SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Remote working causes significant cybersecurity risks for SMEs
Thu, 7th Oct 2021
FYI, this story is more than a year old

New research from ServerChoice shows remote working is leading to increased cybersecurity risks for SMEs.

The research, conducted with 1,000 business leaders at SMEs (small and medium-sized enterprises), found changes in working patterns are resulting in infrastructure being left unmonitored and business data being rendered more vulnerable to exploitation.

ServerChoice says lockdowns and the pandemic have induced new working patterns, meaning many technical staff at SMEs are now based remotely. As a result, 77% of SMEs see remote working as an increased risk to the business. According to ServerChoice, the cause behind this heightened risk is a lack of access to business infrastructure. The research found two-thirds of SMEs (66%) now find it harder to monitor their infrastructure, while 25% have opted to leave infrastructure unmonitored altogether, posing a significant risk if they should fall victim to cyber-attacks in the future.

While remote working is convenient for many, the increased distance between technical staff and infrastructure, and the subsequent delay in maintenance and disaster response, present an ideal opportunity for cybercriminals to exploit vulnerabilities.

ServerChoice says some industries are more at risk than others. As the education, healthcare, and financial industries provide essential services, they are regular targets of cybercriminals. In retail, many SME vendors are still adapting to the increase in online transactions brought about by the pandemic, making them more susceptible to security breaches.

As a result, these industries need to ensure their infrastructure is regularly monitored and maintained to avoid being compromised. However, despite the pressure these industries are under, the research reveals many SME leaders in different sectors still leave infrastructure unmonitored.

The findings of the research show:

  • The healthcare industry has been impacted most by remote work, with 89% of healthcare leaders stating that remote work has added additional infrastructure risk.
  • Manufacturing has been the least impacted, with 29% of leaders saying there has been no effect on infrastructure risk as a result of remote working.
  • Despite believing that there is an increased risk brought on by flexible working practices, one in five retail and education SMEs still leave their infrastructure unmonitored. Sixteen percent of healthcare businesses and 18% of financial services companies do the same.

"Although it may not appear on a balance sheet, data is one of the most valuable assets for any business," says ServerChoice commercial director, Adam Bradshaw.

"Offices and laptops can be replaced, but a company's proprietary data cannot. Our research found remote working is exposing SMEs to additional risk of compromise, and some businesses are being forced to leave infrastructure unmonitored. This is a big risk and could lead to data breaches exposing sensitive data or even leave systems open to encryption and ransomware attacks."

He says SMEs must treat data and IT infrastructure like any other asset and secure it properly. "If SMEs are unable to secure their infrastructure due to remote working or a lack of expertise, they must find a custodian who can do it on their behalf, or run the risk of having their data comprised in the future."