Why SMEs need to make cybersecurity their top priority

To maintain business continuity, SMEs have to avoid competitive exploitation and comply with the highest standards of information security.

There is no time more bullish than the present for Indian SMEs (small and medium enterprises). They are on the mark and ready to embrace the GET SET GO moment. I have all the reasons to believe that MSMEs are ready to conquer global markets. They have weathered dynamic external forces and demonstrated perseverance. Let us have a look at how SMEs are all set to change their trajectory and enter another orbit.

The initial thrust for SMEs is provided by the government. SMEs have been supported by consistent policies such as skills development, finance availability, debtors protection, infrastructure development, Make in India, and Atmanirbhar Bharat. These initiatives have equipped entrepreneurs with the confidence to advance towards any global opportunity.

Over the last decade, significant Foreign Direct Investment (FDI) has brought global industries to India. These MNCs have boosted MSMEs' prospects through their vendor development programmes. It has given a blanket exposure to SMEs about global markets, quality management, technology adoption, and of course, the connections. It has made SMEs confident and ambitious to expand to new markets.

The COVID-19 crisis has exposed the influence of China on global trade and supply chains. It has sensitised the rest of the world to establish a balance. Russian aggression in Ukraine has major world markets looking for a friendly trade partner. Somehow, the world finds its comfort zone in dealing with democracy compared to pseudo-democracy. India, a democracy with all its demographic features, tops the list of countries aiming to restore trade and supply chain balance, as seen by the affluent western world. It is the stage-two thrust for our SMEs.

What is changing? SMEs are tasting the fierceness of the global competition. Competition standards have suddenly changed, and technical sophistication and compliance are the new normals. Those SMEs which shy away from digitisation, automation, IoT, and smart manufacturing won't be spared. It has undoubtedly led to the adoption of information technology, a transformation of physical assets into digital assets, and zero tolerance toward information security lapses. All designs, drawings, cost sheets, customer data, formulae, IPR, business data, documents, communications, and transactions have gone digital and are exchanged electronically. However, this gives cause for celebration to digital intruders and hackers

Until five years ago, MSMEs were considered lazy on IT adoption. For them, accounting software was IT, and IT was accounting software. Suddenly, they are compelled to adopt the latest form of IT, rapid digitisation, and comply with the stringent global standards of information security. They are soft targets for cybercriminals.

Unfortunately, these SMEs do not have access to IT talent who can adequately protect them because good IT talent does not aspire to work for SMEs. We frequently see them losing their business continuity due to ransomware attacks. They are likely to fall prey to cybercriminals who defraud them by email identity theft, phishing, and data breach.

They tend to fall short of customers' expectations about information security compliance. They end up assuming significant contractual liabilities without adequate provisions to avert the defaults.

Indian SMEs must claim the global opportunities served to India for all right reasons. They cannot afford to fail. To maintain business continuity, SMEs have to avoid competitive exploitation and comply with the highest standards of information security. They have to reshuffle their priorities and make cybersecurity their top priority. It is not the SMEs who can do it single-handedly. The government, IT industry, and SMEs will have to make this happen. 

The government's scheme to entitle SMEs with a subsidy on ISO Certification can be widened to cover subsidies on cybersecurity measures. The IT industry can invest in developing SME-specific products that are simple and affordable. SMEs can change their perspective toward IT by taking it as an investment and not an expense. With a crucial role played by the IT Industry, the determination of SMEs and facilitation by the government will do wonders. The first step is to change SMEs' mindset to make cybersecurity their top priority.

Edited by Kanishk Singh

(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)


Updates from around the world