Cybersecurity, any company can be attacked

Cyber criminals are increasingly targeting small and medium-sized businesses, so to defend yourself you need to rely on a Chief Information Security Officer

Once upon a time, hacker attacks almost exclusively targeted large companies, as well as individuals. In recent years, however, cyber criminals are focusing primarily on small and medium-sized businesses. Because there are more of them and because they often don't take the right security measures.

Nowadays, any company makes customer data and information one of its value points. Hackers with malware aim to block or steal this data in order to create a damage to the company. The aim, of course, is to obtain a cash ransom to unlock or return the stolen information to the SME. Given this growing phenomenon, even within small and medium-sized enterprises a specific professional figure is becoming essential, namely the Chief Information Security Officer (CISO). According to Raj Samani, chief scientist of McAfee, information security must be a topic on the agenda also within SMEs. In fact, Samani himself confessed: "When I was CISO at one of the largest banks in the world, I only saw my manager once in six months. Given the historical moment in which we live, where hacker attacks are the most common, it is unthinkable for a company not to have daily contact with its security manager. Not to mention the fact that most companies don't have a Chief Information Security Officer. The best way to keep your company safe is to understand that every single person and every SME, even if very small, can be a target for cyber criminals. Once you become aware of this fact, you can implement the right cybersecurity measures.

Easy life for cyber criminals

Why is the number of attacks growing and why can anyone be a target? Simple, because becoming a cyber criminal or exploiting malware currently doesn't require technical skills. Malicious people who want to make money from the web can buy packages with ready-made viruses and send them to their victims, even without ever having done so before. Or they can exploit social profiles to learn about the interests of an employee or a company boss and then generate a scam via email or directly on social media.