With Industry 4.0, every SME is being compelled to digitise their operations. Though it has benefits for the business, it has increased the attack surface for the hackers. In the digital era, starting from CNC machines or robots on the shop floor in the manufacturing industry, computerised automation, medical devices in hospitals, databases, websites, mobile apps, APIs, the cloud, ERP software, laptops, desktops, servers, cameras, and almost everything present in cyberspace can be vulnerable to cyber threats. According to the latest research, “LCCI: A Framework for Least Cybersecurity Controls to be Implemented for Small and Medium Enterprises (SMEs)”, in Elsevier’s JJIMEI international journal, one out of two SMEs is facing a cyberattack, which costs more than $2.2 million a year on average, 43% of cyberattacks target small businesses, and 60% of small businesses shut down within six months of a cyberattack.
Dr. Shekhar Pawar conducted an analysis of the various inputs from the top management of SME companies in 19 countries during his doctoral studies on the cybersecurity of the SME segment at SSBM Geneva, Switzerland. The participating SMEs were from Australia, Bangladesh, Cyprus, Ghana, Hong Kong, India, Indonesia, Israel, Malaysia, Nigeria, Norway, Russia, Singapore, South Africa, Sri Lanka, Sweden, the United Arab Emirates, the United Kingdom, and the United States.
According to research, existing leading cybersecurity standards appear very expensive for SMEs, as they demand hundreds of controls to be implemented. Also, SMEs do not have enough resources to adequately implement those. More importantly, existing standards provide a common, generic set of cybersecurity controls for all the business domains, where top management can’t see the relevance to their business priorities and ROI. It has caused many SMEs to either not go ahead with the cybersecurity controls implementation or to choose any random controls as their own. Insider threats, malware attacks, ransomware, denial of service (DoS) attacks, web attacks, phishing attacks, etc., are more common cyber threats that SMEs are facing.
Looking at the research outcome, there is no surprise as to why SMEs are facing various cyber threats.
To resolve these issues faced by SMEs due to their lack of a good cybersecurity posture, a new cybersecurity framework has been designed and published internationally by Dr. Shekhar Pawar under the name Business Domain Specific Least Cybersecurity Controls Implementation (BDSLCCI). This framework is based on core cybersecurity concepts, which are a combination of defence in-depth (DiD) mechanisms along with confidentiality, integrity, and availability (the CIA triad). It is possible to identify a set of cybersecurity controls for a particular SME depending on its business domain requirements. It means that SME working in e-commerce must implement certain controls, while SME working in manufacturing must implement their own set of cybersecurity controls, and so on. There are three stages of the BDSLCCI journey of SME, known as Level 1 through Level 3. It helps the top management of SME businesses to invest stage-wise with direct protection for the mission-critical assets of their business.
SecureClaw Inc., a new venture by Dr. Shekhar Pawar, has developed BDSLCCI.com, an AI and machine learning-based web platform. Any SME representative can sign up by visiting a web portal and utilising its user-friendly functionality. When a representative logs in to the BDSLCCI web portal, the software algorithm pulls only the cybersecurity controls required for that SME’s business domain. SME can implement the recommended controls, and then, after uploading evidence, it can go for online validation of the implemented controls for a specific stage achieved. BDSLCCI auditors will conduct an assessment against that evidence. If an SME qualifies, it will be awarded a certificate for the BDSLCCI level attained. Free sets of policy documents, free cybersecurity awareness posters, a free cyber threat alert email notification service, etc., are added benefits.
BDSLCCI is expanding its network of certified lead auditors and member organisations worldwide, which will provide SMEs with consulting or more assistance in the successful adoption of BDSLCCI to secure their cyberspace.
To sign up for BDSLCCI, visit https://BDSLCCI.com
Email: CustomerService@BDSLCCI.com
Contact: (+91) 882-821-2157