You are here

Cybersecurity: the Challenge for SMEs

Cybersécurité : prévenir les risques spécifiques aux TPE/PME
Published on
17 May 2017

SMEs are currently a favorite target of cyber-attackers. Why? Unlike major companies, SMEs rarely have an IT department or a process to train employees and prevent digital invasions. As a result, specific cybersecurity training can be a real advantage for company safety. 

According to the last CESIN CESIN (Club des Experts de la Sécurité de l'Information et du Numérique), 80% of companies have had to deal with cybersecurity issues over the past 12 months. If you take into account the fact that it costs on average €800,000 to recover from a cyberattack, investing in preventive training can be a cost-effective solution.

A company-wide issue

Every employee generally has a computer, internet access and access to the company's network. This makes for many potential open doors through which cyber-criminals can infiltrate a company. "A simple USB key can be configured in a specific manner and left lying around. It will quickly be picked up by a curious user who inserts the USB key in their computer and enables a virus to be downloaded. That's all it takes to hack a company's IT system and access valuable data," explains Yannick Chatelain, an expert on online marketing, hacking and cybercrime who is also a researcher and professor at Grenoble Ecole de Management.

Another dangerous attack is the "director rip-off". Once a cybercriminal obtains a key password, he or she can build on the company's organizational structure and combine well-placed phone calls and the use of said password to implement fraudulent actions such as wire transfers. "In some cases, an untrained accountant or financial director can even find themselves accused of collaborating with the cybercriminal!" underlines Yannick.

The danger of curiosity

Ransomware is virus that is loaded onto an IT system and blocks a company's access to its own data. "In 2012, McAfee already counted 120,000 samples of this type of virus. A key to unlock encrypted data is offered in exchange for payment of a ransom, often by sms. Here curiosity is really a killer because unknowledgeable employees will often click on the link sent by hackers. Once that happens, the timebomb is just waiting to go off!" adds Yannick.

Phishing and scamming are other common tactics that rely on progressively acquiring information about a company. Hackers use personalized communications to achieve an objective such as installing a backdoor in an IT system in order to collect banking data or learn sensitive information in order to blackmail a company.

"Cybercriminals are overflowing with creativity when it comes to finding new ways to trick their victims. The best solution to fight off cybercriminals is to set up safety nets through processes such as training to ensure employees know how to use their email accounts in a safe manner. Whereas a major company's IT department will control each user's level of access, SMEs oftentimes don't even have a firewall," concludes Yannick.

Bibliography on this subject

A certificate to manage cybersecurity

Grenoble Ecole de Management via EMSI signed a partnership agreement with EPITA, a school with expertise in cybersecurity training. The two schools agreed to develop new training programs in their fields of expertise. Their first collaboration takes form with a new professional certification program on the topic of managing information security and risks. The certificate is designed to prepare managers to face future cybercrime issues. The first certification will start in September 2017 on the Paris campus. The program will cover policies and methods to help anticipate risks and take protective measure to secure a company's data. EPITA will provide cutting-edge expertise as the school is a partner to the state security services with SecNumedu certification by ANSSI (French National Agency for the Security of Information Systems) and CTI accreditation.

This training program will take place between September 2017 and March 2018 on our Paris campus. The program will include 52 days of training over seven months. Classes will be taught by cybersecurity experts and will build on case studies. To apply, participants should have a master's degree or equivalent in science, sales or management as well as five years' work experience. The TOIEC or equivalent is also required.

Contact

Aurore Besson

On the same subject

  • GIROD-ROUX VÉRONIQUE
    Published on 22 October 2019

    Improving skills: getting your training right

    An employee’s skill set can evolve and improve throughout a career. To do so effectively, companies and individuals must consider several key factors such as identifying specific skills to be improved or choosing the right training organization.

  • Les MOOCs géopolitiques de GEM ré-accrédités EOCCS
    Published on 15 October 2019

    GEM’s Geopolitical MOOCs re-accredited EOCCS

    Grenoble Ecole de Management’s (GEM) online training program « Global Studies: International Relations and World Politics » renews its EOCCS (EFMD Online Course Certification System) accreditation, a guarantee of quality awarded by the EFMD....

  • La formation Data Aspergers : premier bilan
    Published on 22 September 2019

    Wrapping up the first Data Aspergers class

    After the first Data Asperger’s graduating class, 21 out of 28 students with Asperger’s syndrome are now employed, a success that bodes well for the future of the program.

  • Des catalogues digitaux enrichis… Pour quoi faire ?
    Published on 16 September 2019

    Digitally enhanced catalogs… A winning promise?

    3D images, videos, detailed product files… Digitally enhanced catalogs offer a new, trendy marketing tool. Yet research confirms that such enhancements aren’t necessarily a worthy investment.

  • FESTIVAL DE GEOPOLITIQUE 2020
    Published on 19 June 2019

    Geopolitics Festival 2020: Call for Contributions

    The 12th edition of the Geopolitics Festival, themed “Digital R-evolutions?”, will take place March 25-28, 2020. Applications to submit a proposal for contribution are open until July 14 to all* working on this topic, regardless of their discipline...

  • Comment gagner en valeur en co-créant avec ses clients ?
    Published on 15 April 2019

    How to increase value by co-creating with customers?

    Co-creating new services and products with customers enables companies to better match customer expectations and increase the success of their offers. With the advent of digital technology, the co-creation process has become all the more accessible...

  • Published on 25 March 2019

    Digital jobs: leading by example

    With two women in charge of its big data and information systems programs, Grenoble Ecole de Management seeks to lead by example and help break down barriers to women in the digital sector.

  • Une formation Data Aspergers pilote en France
    Published on 15 March 2019

    Training in data: a unique program for Asperger’s profiles

    By 2020, French companies will have to fill 900,000 jobs in the field of data. In response to this challenge and to support diversity in the workplace, GEM is launching a program specifically dedicated to training students with Asperger’s by...

  • Open innovation: the key to staying ahead of the game
    Published on 11 March 2019

    Open innovation: the key to staying ahead of the game

    Over the past 20 years, the pace of technological development has skyrocketed. To stay competitive, companies have to innovate efficiently and quickly bring new products or services to market. Open innovation offers a vision that can increase the...

  • Les femmes et les métiers du numérique
    Published on 25 February 2019

    Women in a digital world

    The Grenoble Business Review continues its series on women in the digital world. We speak with Charlotte and Jalila, both of whom entered and found their place in a digital world often perceived as being open only to men.

  • Federico Pigni a propos de Digital Twins dans une interview accordée au canal Xerfi.
    Published on 14 February 2019

    Why are Digital Twins becoming a business imperative?

    What are these custom and very specific types of virtual simulations and how can they open up a multitude of new opportunities for us?

  • Published on 24 January 2019

    Women and digital jobs: a love-hate affaire?

    The digital sector is booming, yet only 16% of technical jobs are filled by women. As a recent graduate of GEM’s Advanced Master’s in Big Data, Zineb Bennis shares her positive experience in the world of data science.

  • Published on 23 October 2017

    Management: Why Become a Business Coach?

    Improve managerial skills and techniques, teach how to manage conflicts, learn self-control… For the past ten years, Grenoble Ecole de Management has offered managers, consultants, trainers and HR employees a training program for individual and...

  • Une quarantaine de collaborateurs Ubisoft en France sont issus de Grenoble Ecole de Management
    Published on 15 May 2017

    Recruitment: How Does Ubisoft Rely on Its Alumni Employees?

    Alumni from various schools can be a precious asset for companies to build connections with potential recruits.

  • Published on 30 June 2016

    Joining the UN’s International Telecommunication Union (ITU)

    Grenoble Ecole de Management becomes the first Business School in the world, and the first higher education institution in France to join the prestigious International Telecommunication Union (ITU), the United Nations specialized agency based in...