European SMEs facing increased cyber threats in changing digital landscape

Back to News

In the lead up to the EU Agency for Cybersecurity’s forthcoming Cybersecurity for SMEs report, the Agency gathered European businesses, agencies and associations to share their views on the major challenges faced by SMEs in a time of heightened threats.

On the 17th of November, the European Union Agency for Cybersecurity (ENISA) organised an online workshop for European small and medium-sized enterprises (SMEs) to share their first-hand experience of working towards strengthened resiliency in the face of COVID-19-related cybersecurity challenges. Participants also offered their views on the initial findings from the ENISA Cybersecurity for SMEs report, due out in the coming months.  

Accounting for more than half of Europe’s GDP, SMEs are a key driver of innovation and growth across the Union. Their well-being is vital to both the economy and society. The pandemic has put an incredible stress on these businesses this year. SMEs are not only navigating a new digital realm where employees work from home and business is increasingly conducted online, but they are also facing more advanced and targeted cyber threats.

Dr. Evangelos Ouzounis, Head of the Secure Infrastructure and Services Unit of the EU Agency for Cybersecurity, opened the one-day workshop with a keynote speech about the Agency’s work with SMEs - from publishing guidance on best practices to gathering stakeholders across communities to increase cybersecurity awareness. Dr. Ouzounis introduced Oana-Georgiana Popescu of the Executive Agency for Small and Medium-sized Enterprises (EASME), who discussed the European Innovation Council Accelerator’s community platform, and connection to the research and innovation programme, Horizon Europe (2021-2027).

Moderated by Ms. Popescu, panellists from SMEs with expertise in cybersecurity and information technology discussed current obstacles and their efforts towards increasing cyber resiliency. Brian Honan, founder of Ireland-based BH Consulting, highlighted the dangers of social engineering attacks. Antonio Ramos, CEO of Leet Security in Spain, presented cybersecurity capability building models and security governance. Peter Stelzhammer, co-founder of Austria’s AV Comparatives, offered examples of anti-malware solutions. Piotr Żabrowski of Poland’s Ceneo.pl discussed cybersecurity in the e-commerce sector.

The event highlighted SME’s increasing need for the right tools to stay ahead of the game and be prepared for cyber threats before they happen. Participants welcomed the work and involvement of the EU Agency for Cybersecurity and expressed a great interest in participating in further SME-targeted initiatives by the Agency.

Background

For nearly 15 years, the EU Agency for Cybersecurity has been pushing forward cybersecurity initiatives to assist SMEs to integrate cybersecurity into their digital environments. Starting in 2006 and 2007, the Agency published two Information Package for SMEs reports, providing risk assessment and management methodologies for SMEs. In 2010, the Agency published the Business Continuity for SMEs report to help facilitate IT knowledge transfer to SMEs. In 2015, the Cloud Security Guide for SMEs report was released to assist SMEs understand the security risks and opportunities regarding cloud services; and two years later, the Agency’s Guidelines for SMEs on the security of personal data processing were published.

This year, the EU Agency for Cybersecurity has released a series of tips to help businesses face the rapidly changing digital sphere during the pandemic: Tips for selecting and using online communication tools; Tips for cybersecurity when buying and selling online; Tips for cybersecurity when working from home; Top ten cyber hygiene tips for SMEs during covid-19 pandemic. Most recently, in November 2020, the EU Agency for Cybersecurity and the National Cyber Security Alliance released a joint checklist for SME, offering businesses on both sides of the Atlantic a basic guide to maintaining digital security.

The upcoming ‘Cybersecurity for SMEs: Challenges and Recommendations’ report is part of the Agency’s wider work to increase the cybersecurity resiliency of SMEs across Europe. The publication is based on a two-month-long public survey in which more than 250 European SMEs identified their main cybersecurity challenges and their level of preparedness to cope with the most common cyber threats.

Press Contact

For questions related to the press and interviews, please contact press (at) enisa.europa.eu.