Data is as essential an asset for SMEs as it is for large organisations. Data corruption, loss or theft can severely hamper a company’s operations. Unfortunately, however, data is often transferred, processed and stored in systems that are not adequate given their strategic importance. Some businesses found that out the hard way when they were hit by WannaCry and NotPetya. Saint-Gobain estimated lost earnings to have been around €220 million in 2017. A North American group claimed $100 million in damages following a NotPetya attack but its insurance company refused to pay on the grounds that the virus was, to all intents and purposes, an act of war.
Meanwhile, companies are facing unprecedented risks in cybersecurity, including fraud, operational disruptions, hacking, and data loss or disclosure. The risks are becoming increasingly varied, as are their origins (which can range from disgruntled employees to government agencies). And these risks now also affect smaller organisations, which up until now had come under attack less often and were less reliant on IT systems.