New SMESEC cybersecurity toolkit for SMEs online
After a three-year development and test phase, a European consortium with the participation of the University of Applied Sciences Northwestern Switzerland FHNW has published the SMESEC framework. The program is designed to help SMEs better protect themselves against cyber attacks.
Cybersecurity has become a critical issue for small and medium-sized enterprises (SMEs). According to the Verizon Data Breach Investigations Report 2019 43 percent of cyberattacks target small businesses. The most common problems include attacks on IT infrastructure with hacking and malware. At the same time, social attacks and employee error or abuse together also affect about half of SMBs. According to the Cybercrime Magazine 60 percent of small businesses go out of business within six months of a critical cyber incident.
Geared to the needs of SMEs
Protecting SMEs against cyber attacks is the goal of SMESEC. This abbreviation stands for Protecting Small and Medium-sized Enterprises digital technology through an innovative cyber-SECurity framework and is a project co-funded by the European Commission and the Swiss State Secretariat for Education, Research and Innovation SERI in the field of information and communication technologies (ICT) of the "Horizon 2020" framework program. The project started in June 2017 and is coordinated by Atos (Spain). This consortium - in which the University of Applied Sciences FHNW is also involved - has built up a framework over the last three years to protect SMEs against cyber threats. Now the consortium has published the first public version of the SMESEC framework published.
The SMESEC toolkit enables end users to self-assess their security status, secure their IT infrastructure, and develop a "security-in-mind" culture among their employees. The framework's dashboard provides organizations with the ability to understand their security status and what immediate steps need to be taken to improve security. They are also encouraged to appoint a chief information security officer (CISO) who can use SMESEC to identify cyber threats, vulnerabilities and risks.
FHNW responsible for the user experience
The institutes for Interactive technologies as well as Mobile and Distributed Systems of FHNW contributed to the framework with user experience design and an innovative tool, the Cybersecurity Coach CYSEC. CYSEC provides the CISO with information about threats, vulnerabilities, and risks, and guides cybersecurity improvement with simple step-by-step advice.
The consortium developed and tested the SMESEC toolkit in collaboration with twelve SMEs of different sizes, types, and industries. The framework and tools were installed and tested in these SMEs. In addition, several workshops were conducted to understand the needs of the SMEs and the impact of the SMESEC solution.
SMESEC to meet the needs of SMEs
"SMEs want to go digital, but they are worried about the cost and their exposure to hackers," says project coordinator Jose Francisco Ruiz, "with our solution, we want to help SMEs protect their business and their employees." Discussions with SMEs have shown that the SMESEC solution meets their needs and concerns, and meets the requirements of SMEs.
Source and further information
