2024 will see more cyberthreats emerge – here is what SMEs need to know

Padlock against circuit board/cybersecurity background
(Image credit: Future)

Against a backdrop of international turmoil, high inflation rates and a fast-changing political landscape, the past year has seen cybercriminals take advantage of vulnerabilities on an unprecedented scale. As we head into a geopolitically and economically uncertain 2024, small and medium enterprises (SMEs) are facing an increased risk of becoming victims to cybercrime, unless the proper measures are put into place.

A common misconception is that bigger companies are more susceptible to cyberattacks, due to the perceived value of their extensive databases. However, the bigger the business, the more likely it is to invest in extensive cybersecurity measures, implementing several layers of protection to avoid falling victim to cybercrime. Instead, it is the over 5.5 million SMEs in the UK that prove to be the most vulnerable in the face of hackers, with 785,000 cybercrimes recorded in the past 12 months alone. Given the significant economic contribution these companies make, getting this right is important to the prosperity agendas of their respective countries.

To put that into perspective, our data shows that cybercriminals scan devices connected to the internet every 30 seconds, using AI and machine learning to identify and target gaps in a company’s defenses. This is especially concerning as more than half of UK businesses (61%) say they are finding it increasingly difficult to keep up with necessary security measures.

Tris Morgan

Managing Director of Security at BT.

Identifying potential vulnerabilities

With most SMEs focused on accelerating growth, it comes as no surprise that cybersecurity can fall down the list of priorities. With no dedicated security teams, Small Office/Home Offices and small businesses with only a handful of employees are especially likely to postpone assessing their cyber risks. But all business owners should treat their cybersecurity like they do their home security. BT data shows that companies’ security systems are being scanned and tested by hackers up to 3,000 times a day, so even the smallest gap in a firewall can lead to catastrophic repercussions as the result of a cyber-attack. You wouldn’t leave your doors unlocked and windows open, so you shouldn’t give hackers easy access to your critical business data either.

A recent study for the Department for Science, Innovation and Technology shows that UK businesses use between 6 and 50,000 connected devices within their organizational networks, including laptops, smartphones, smart watches, smart meeting room technologies, smart building access, and security systems. As the list of potential entry points into their networks becomes greater, every touchpoint becomes a potential vulnerability, making it critical that the right tools are in place to ward off attackers.

Fostering a cyber-conscious company culture

The importance of a strong human firewall cannot be understated. Companies of any size must practice good cyber hygiene, offering staff members access to regular training to boost online safety practices. This can also be bolstered by setting up guardrails, such as restricting certain websites from being accessed via the company network or using filters to scan email click-throughs for potential threats.

With more employees - especially within SMEs - now working entirely from home or remotely from public spaces, it is important to acknowledge the potential threats different working environments may bring. Facilitating access to tools such as Virtual Private Networks (VPN) and privacy screens is crucial when it comes to mitigating potential risks in these circumstances. A company culture that encourages openness and transparency is also essential to maintaining good cyber hygiene, as staff are more likely to openly discuss potential safety concerns without worrying about the repercussions they might face.

Having a strong human firewall means SMEs can be more tactical in their spending on cybersecurity measures, too. It can be difficult for small business owners to stay on top of the latest developments in security, leading them to feel overwhelmed and unsure about which type of protection right for their company’s needs.

Getting the basics right is one of the most effective ways to keep a business safe. Finding comprehensive antivirus and malware software, setting up robust password security, as well as getting business-grade Wi-Fi installed are some measures that can be quickly implemented. Businesses should also invest in secure data backup options too, to minimize any disruption caused by data breaches or other attacks on Cloud-based platforms.

Planning for the future

While these are rudimentary measures every business should prioritize for 2024, our research shows the cybersecurity market is expected to almost triple by 2025, from £9bn to £26bn. This means we are likely to see more sophisticated, AI-backed tools to help companies ward off cyber criminals. For SMEs with limited resources, AI solutions can work harder to protect connections and automate defenses.

Still, that does not mean cyber threats won’t continue to be a serious challenge for businesses of all sizes in the years to come. With the advent of new technologies such as quantum computers, hackers are quickly learning how to identify cracks in even the most complex security systems.

As hackers become more skilled in navigating increasingly elaborate defences, Gartner predicts nearly half (45%) of organisations worldwide will have fallen trap to cyber criminals by 2025. It is a sobering statistic, but one that must empower SMEs to prioritise a culture of cyber consciousness. As we head into 2024, it is an opportunity for small businesses to make sure employees and other stakeholders are united in keeping cybersecurity top of mind as they continue to grow and expand their business in the new year.

We've featured the best business VPN.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Tris Morgan, Director of Security Advisory Services at BT.