Cybersecurity test for SMEs is in demand and proven
Two years ago, the business association Suissedigital launched a cybersecurity test that raises awareness among small and medium-sized enterprises (SMEs) of the dangers of cyberspace and also allows them to assess their current situation. To date, the online test has been completed more than 330 times. The results show that most companies have some catching up to do.
Cybersecurity is an increasingly important topic for companies. The background to this is digitalization, which offers great advantages for SMEs in particular. The keywords here are more efficient processes, data-driven marketing and cloud solutions. At the same time, the risk of SMEs falling victim to cybercrime is increasing. However, there often seems to be a lack of awareness of their own vulnerability. This is shown by the documented cases of cybercrime. "These are only some of the cases," says Reto Zumoberhaus. He is responsible for cybersecurity at Suissedigital. "Many cases don't reach the public because the SMEs concerned don't want to expose themselves."
Solid basis, shortcomings in risk management and responsiveness
To support companies in the fight against cybercrime, Suissedigital launched a cybersecurity test for SMEs two years ago, which was developed in collaboration with FortIT AG. The association based the test on the established NIST cybersecurity framework: 1. identify; 2. protect; 3. detect; 4. respond and 5. recover.
Based on the evaluations of the more than 330 tests completed, the following statements can be made:
- SMEs are self-critical. They admit that they should place more emphasis on cybersecurity.
- SMEs are primarily concerned with the areas of identification and protection. Rolf Wagner, Partner at FortIT, says: "Many SMEs have created a solid foundation. The protection requirements of business processes are being discussed, backup and patch strategies are becoming increasingly professional, thus reducing data loss and other risks."
- However, SMEs have shortcomings in the areas of recognizing, reacting and recovering. Rolf Wagner: "Risk management at SMEs is still often unsystematic. In addition, many SMEs find it difficult to actively identify vulnerabilities and respond to security incidents."
"Recognizing the dangers of cybercrime"
"Self-awareness is the first step towards change - in this sense, our test makes an important contribution to ensuring that SMEs recognize the dangers of cybercrime and take the necessary measures." This is how Reto Zumoberhaus summarizes the experiences of the last two years. The test is still available in German, French and English on the association's website: Cybersecurity Check
Source: www.suissedigital.ch
