By Milica D. Djekic

The small businesses are the most common way of enterprises bringing over half of the GDP to any economy worldwide. From such a perspective, it’s quite clear that the lives and activities of some nations could be vitally dependable on those organizations. For instance, in the case of the business discontinuity or the entire collapse – there would happen the non-returnable losses to the country’s economy and society at the same glance. On the other hand, it’s quite obvious that the majority of small businesses across the globe got vulnerable to the hacker’s attacks as they would mainly rely on the IT infrastructure. The startup concept got so usual in the world and that’s not the case with the developed societies only, but rather with the majority of developing economies, so far.

In other words, the small businesses in the United States as well as in Eastern Europe would equally use the advantages of new technologies such as computers, mobile devices, the internet, and other communications systems. The experience would suggest that even the emerging Asian economy would position itself as the leader in the 4th industrial revolution as well as the digital transformation and the good question to the coming times would be if the technologies of a tomorrow would cope with better safety and security, so far. Also, it’s quite useful to mention that the small businesses could be so easy target to the insider’s threats as their employee selection procedures and policies are not that well-developed as it is the case with the large-scale companies.

Apparently, nearly everyone could assess the small business asset simply showing the adequate working biography and getting well-prepared for the job’s interview questions. The cybercriminals could try to access small business asset from the outside, but it’s always convenient to get someone being inside the company who would deal with real-time intelligence. The best practice in the developed world would indicate that there would be plenty of competitive intelligence agencies that would collect both open-source intelligence as well as the inner findings using their skillfully trained agents. Those sorts of services would get the role to maintain the balance on the marketplace and encourage only the business actors that would play by rules to remain active on the scene.

The small businesses as a critical asset

According to some expert’s definitions, the critical infrastructure is any organization or asset that is from strategic importance to some nation or its country. For instance, if anything would happen with the critical infrastructure – the entire community would suffer so dramatic and catastrophic consequences. A similar situation is with the small businesses being so significant actors to the finances and economy of some countries. In case the small businesses collapse the entire public and government sector could go to the crisis and so many people within that society could get disadvantaged and probably it would take some time before the entire nation recovers from those losses.

The modern cybercrime would be a huge challenge to the entire business landscape for a reason the hackers would try to steal so sensitive data and in such a manner – compromise and even destroy the overall small business asset. As we would already suggest – the majority of the countries worldwide would be so dependable on the small business productivity and those assets would be the best taxpayers to the state financial sector. For such a reason, it’s quite clear why every government should think hard on how to prevent possible cyber attacks and consequently respond to any incident coming on. This is not only the open concern that should get left as it is but the entire challenge that seeks the appropriate strategy to get tackled on.

Cyber defense with a small enterprise is still poor

Unluckily to all legal players and fortunately to the hackers – the majority of small businesses over the world still need better cyber protection. It would appear that such an infrastructure is so easy to target to cyber espionage and sabotage and for such a reason there is the big need to much smarter and a bit safer approach to such a challenge. Some researchers would propose the use of the one-man SOC in a small business area and we would agree that such an approach could bring some positive results on. In any sense, the small businesses need a strong correlation with law enforcement as the policing staffs are the ones who could proceed and arrest the potential cybercriminals and their gangs. Also, it would so commonly happen that the hacker’s organizations from the overseas would try to make harm to the small business field and in such a fashion – it’s so necessary to think a bit about the well-prepared international collaborating agreements that would bring together the entire international defense and intelligence community to work hard on resolving those concerns.

The huge profit coming with the minimum risk

The main reason why the cybercrime underground would choose the small businesses as their permanent targets is that those assets would deal with the minimum protection which would mean so meaningless risk to the hackers, but they would still bring the huge incomes to anyone who wants to take advantage over such an operation. The real hackers would cope with them quite well skill and they would mostly begin their cyber-attack sending the phishing email or link through some social media or communications channel. As the employers would not care so seriously about such a threat – the bad guys would easily take advantage of their unpreparedness and literally cause a huge disadvantage to those businesses which would normally get closed within some brief period of time.

In addition, when we say that the hacking groups could compromise some organization – we would mean that they could take out so confidential information such as bank’s account details, business contracts or some intellectual property and publish them on the web sharing such a link with the media that would further inform the members of public about such an occurrence. In other words, no one would get happy to deal with the enterprises that could not get trusted in terms of data security and so promptly those actors would lose their role in the marketplace.

The threat to national interests and economy

It would seem that the cybercrime syndicates could so easily clean up so many small businesses from the landscape and cause so severe harm to the entire economy as well as the national interests. The main issue is that some transnational crime groups and terrorist organizations could get the motive to try to clean up the marketplace from so many small businesses causing so big disadvantage to their countries and people. In other words, if the developed economies would get wounded with such a powerful bullet – they could struggle or even shrink pulling with them so many small economies and producing the new global economic crisis, so far.

Would cybersecurity bring you a peaceful nap?

As it’s so obvious from this review, the small businesses as a critical infrastructure could get so sensitive from both inside and outside. The hacker’s groups could make so deep hug with the rest of the malicious actors worldwide and attempt to synchronously and systematically destroy the entire set of such critical assets. So, would the cyber defense bring us a bit better nap if we try to apply so in the practice? The answer to this question is we must manage the risk somehow and if we recognize our small enterprises as critical infrastructure – we should put there someone who would watch after them hour by hour and day by day maintaining the contact with the local authorities that would assist anytime the incident occurs.

About The Author

Milica D. Djekic is an Independent Researcher from Subotica, Republic of Serbia. She received her engineering background from the Faculty of Mechanical Engineering, University of Belgrade. She writes for some domestic and overseas presses and she is also the author of the book “The Internet of Things: Concept, Applications, and Security” being published in 2017 with the Lambert Academic Publishing. Milica is also a speaker with the BrightTALK expert’s channel and Cyber Security Summit Europe being held in 2016 as well as CyberCentral Summit 2019 being one of the most exclusive cyber defense events in Europe. She is a member of ASIS International since 2017 and contributor to the Australian Cyber Security Magazine since 2018. Milica’s research efforts are recognized with the Computer Emergency Response Team for the European Union (CERT-EU). Her fields of interest are cyber defense, technology, and business. Milica is a person with a disability.