You are here

Cybersecurity: the Challenge for SMEs

Cybersécurité : prévenir les risques spécifiques aux TPE/PME
Published on
17 May 2017

SMEs are currently a favorite target of cyber-attackers. Why? Unlike major companies, SMEs rarely have an IT department or a process to train employees and prevent digital invasions. As a result, specific cybersecurity training can be a real advantage for company safety. 

According to the last CESIN CESIN (Club des Experts de la Sécurité de l'Information et du Numérique), 80% of companies have had to deal with cybersecurity issues over the past 12 months. If you take into account the fact that it costs on average €800,000 to recover from a cyberattack, investing in preventive training can be a cost-effective solution.

A company-wide issue

Every employee generally has a computer, internet access and access to the company's network. This makes for many potential open doors through which cyber-criminals can infiltrate a company. "A simple USB key can be configured in a specific manner and left lying around. It will quickly be picked up by a curious user who inserts the USB key in their computer and enables a virus to be downloaded. That's all it takes to hack a company's IT system and access valuable data," explains Yannick Chatelain, an expert on online marketing, hacking and cybercrime who is also a researcher and professor at Grenoble Ecole de Management.

Another dangerous attack is the "director rip-off". Once a cybercriminal obtains a key password, he or she can build on the company's organizational structure and combine well-placed phone calls and the use of said password to implement fraudulent actions such as wire transfers. "In some cases, an untrained accountant or financial director can even find themselves accused of collaborating with the cybercriminal!" underlines Yannick.

The danger of curiosity

Ransomware is virus that is loaded onto an IT system and blocks a company's access to its own data. "In 2012, McAfee already counted 120,000 samples of this type of virus. A key to unlock encrypted data is offered in exchange for payment of a ransom, often by sms. Here curiousity is really a killer because unknowledgeable employees will often click on the link sent by hackers. Once that happens, the timebomb is just waiting to go off!" adds Yannick.

Phishing and scamming are other common tactics that rely on progressively acquiring information about a company. Hackers use personalized communications to achieve an objective such as installing a backdoor in an IT system in order to collect banking data or learn sensitive information in order to blackmail a company.

"Cybercriminals are overflowing with creativity when it comes to finding new ways to trick their victims. The best solution to fight off cybercriminals is to set up safety nets through processes such as training to ensure employees know how to use their email accounts in a safe manner. Whereas a major company's IT department will control each user's level of access, SMEs oftentimes don't even have a firewall," concludes Yannick.

Bibliography on this subject

A certificate to manage cybersecurity

Grenoble Ecole de Management via EMSI signed a partnership agreement with EPITA, a school with expertise in cybersecurity training. The two schools agreed to develop new training programs in their fields of expertise. Their first collaboration takes form with a new professional certification program on the topic of managing information security and risks. The certificate is designed to prepare managers to face future cybercrime issues. The first certification will start in September 2017 on the Paris campus. The program will cover policies and methods to help anticipate risks and take protective measure to secure a company's data. EPITA will provide cutting-edge expertise as the school is a partner to the state security services with SecNumedu certification by ANSSI (French National Agency for the Security of Information Systems) and CTI accreditation.

This training program will take place between September 2017 and March 2018 on our Paris campus. The program will include 52 days of training over seven months. Classes will be taught by cybersecurity experts and will build on case studies. To apply, participants should have a master's degree or equivalent in science, sales or management as well as five years' work experience. The TOIEC or equivalent is also required.

Contact

Aurore Besson

On the same subject

  • Chirag Patel et Christophe Haon
    Published on 18 May 2018

    Research: Retail Website Performance, to Outsource or not to Outsource?

    To improve sales, retail websites focus on personalizing their web pages and increasing their influence on social networks. To achieve these goals, should they rely on internal resources or call on external service providers? A study of 105 U.S....

  • Pourquoi les DRH doivent-elles se saisir du digital ?
    Published on 26 March 2018

    Why Is the Digital Revolution Essential for HR?

    The digital revolution is impacting all areas of business. While HR are particularly affected by this change, it’s an opportunity for them to focus their efforts on the “employee experience”.

  • paiement mobile
    Published on 26 March 2018

    How to Encourage User Adoption of Mobile Payment Options?

    Despite the convenience of mobile payment technology, customer adoption of this new technology is not a given. How can companies build on previous internet experience to facilitate this transition?

  • Must the U.S. Lead the Digital Revolution?
    Published on 22 February 2018

    Must the U.S. Lead the Digital Revolution?

    As the digital revolution unfolds, the U.S. and Silicon Valley have so far led the march. What role can Europe play in this major evolution?

  • Les conditions licites de la cybersurveillance du salarié
    Published on 25 January 2018

    Workplace Cyber Surveillance: Rights and Obligations

    Can a business spy on its employees? Yes, within certain limits. Discover how European courts regulate workplace cyber surveillance.

  • Published on 18 January 2018

    Technology Sourcing: How to Optimize Web Performance?

    To increase the performance of retail websites, companies should explore both internal tech development and outsourced tech services. New research confirms the advantage of mixing technology sources.

  • Published on 19 December 2017

    Design Thinking: Generating Pragmatic Ideas

    Design thinking is the art of finding unexpected solutions. How can we encourage this creative process?

  • Caroline Cuny, GEM
    Published on 14 December 2017

    Going Digital to Improve In-Store Customer Relations

    How can digital technology help companies improve a customer’s shopping experience? We look at emerging trends such as artificial intelligence, facial recognition and olfactive marketing.

  • Published on 23 October 2017

    Management: Why Become a Business Coach?

    Improve managerial skills and techniques, teach how to manage conflicts, learn self-control… For the past ten years, Grenoble Ecole de Management has offered managers, consultants, trainers and HR employees a training program for individual and...

  • Published on 17 June 2017

    Nanovalor: a Platform to Evaluate the Value of New Tech

    Emerging technology can impact society and the economy in a variety of ways. Nanovalor creates a platform to analyze and learn about the value of new tech.

  • Une quarantaine de collaborateurs Ubisoft en France sont issus de Grenoble Ecole de Management
    Published on 15 May 2017

    Recruitment: How Does Ubisoft Rely on Its Alumni Employees?

    Alumni from various schools can be a precious asset for companies to build connections with potential recruits.

  • research on Contextual Television Advertising
    Published on 28 February 2017

    Research: Questioning the Effectiveness of Contextual Television Advertising

    As businesses and marketing go digital, companies have to track the effectiveness of their advertising across many channels. The growth of online transactions has made website conversions an essential factor for many businesses. Thanks to detailed...

  • Federico Pigni, Professor at Grenoble Ecole de Management
    Published on 01 July 2016

    Research: Creating Value from Digital Data Streams

    The big data era is upon us. Startups, major companies, organizations and governments are all rushing to extract essential insights from big data. Yet in doing so, many have overlooked the potential value of the digital data streams (DDS) that make...

  • Published on 30 June 2016

    Joining the UN’s International Telecommunication Union (ITU)

    Grenoble Ecole de Management becomes the first Business School in the world, and the first higher education institution in France to join the prestigious International Telecommunication Union (ITU), the United Nations specialized agency based in...

  • websites such as TripAdvisor have given consumers the power to impact a company's image.
    Published on 22 March 2016

    TripAdvisor: How Companies React to Negative Ratings

    The world wide web has revolutionized the hotel, restaurant and other travel-related industries. From online bookings to customer ratings, companies have to learn how to operate in this new environment. While an organization's market identity used...

  • Research: Creating Visitor Engagement Through Music
    Published on 29 February 2016

    Research: Creating Visitor Engagement Through Music

    Digital communications have created an information overload for customers. To stand out on the world wide web, companies have to offer clients a high-impact experience. When used properly, music provides a simple yet effective means of creating a...

  • Federico Pigni, Professor at Grenoble Ecole de Management
    Published on 28 October 2015

    Congratulations Federico Pigni

    Duetto: Industry Transformation with Big Data, a case study in Harvard Business Review by Federico Pigni, Associate Professor in Information Systems in the Management of Technology and Strategy department at the Grenoble Ecole de Management (France...

  • Published on 13 October 2015

    Put Music on your Website

    Your web communication needs to offer a rich consumer experience to distinguish it from others. Nowadays, websites must evoke enjoyable and memorable feelings in their visitors in order to encourage them to revisit and recommend the website.

  • Published on 09 October 2015

    Advanced Master in Digital Business Strategy: appointment of a new Program Director

    Yann Gourvennec joins Grenoble Ecole de Management as Program Director for the Advanced Master in Digital Business Strategy.

  • websites such as TripAdvisor have given consumers the power to impact a company's image.
    Published on 29 September 2015

    Customer reaction and Market identity

    This article, written by Tao Wang, Filippo Carlo Wezel and Bernard Forgues, examines the conditions under which organizations publicly respond to unfavorable consumer evaluations that challenge their market identity. This study relies on an analyse...