Skip to main content
Home » Digital Transformation & Cybersecurity » Three simple steps for SMEs to ward off cyber-attacks
Sponsored

Rigo Van den Broeck

Executive Vice President, Cybersecurity Solutions, Mastercard

The threat of cybercrime is alarmingly real for small and medium-sized businesses. Yet, there are three easy things they can do to protect themselves from scammers and hackers.


If you’re a small business owner who doesn’t think cybersecurity is an issue that affects you, Mastercard Cybersecurity Executive Vice President Rigo Van den Broeck has some advice for you: it does.

SMEs vulnerable to cyber-attacks

Consider this: Mastercard’s 2025 SME Cybersecurity Landscape Report revealed that 45% of SMEs globally have experienced a cybersecurity attack. That’s a huge number, which demonstrates just how effective cybercriminals can be. Their malign attention can easily fall on you, so it could be time to fundamentally rethink your approach to cybersecurity.

“For example, if you’re a retailer, you should treat your online business in the way that you treat your physical premises,” advises Van den Broeck. “After business hours, you always lock up your shop and switch on the burglar alarm. So, why wouldn’t you invest in, say, antivirus capabilities or an assessment to show where the vulnerabilities may be lurking across your technical infrastructure? That’s where the cybercriminals and fraudsters will be looking. If they find vulnerabilities, they’ll use them to infiltrate your system and either compromise or exfiltrate data.”

Small and medium-sized firms are
the lifeblood of the economy.

Protecting SMEs from cyber-attack consequences

Of course, it can be easier for larger organisations to focus on cybersecurity as they’re likely to have more financial clout and personnel. SMEs, however, may not. Yet, the impact of an attack can be existential to organisations of any size. It can affect their sales and their bottom lines. It can also tarnish their reputations, resulting in significant and perhaps irreversible brand damage.

That’s why Van den Broeck advocates that all SMEs — whatever the nature of their business — take three important security steps. These are possible, he insists, even at a time when budgets are tight. “Small and medium-sized firms are the lifeblood of the economy, ” he says. “We’re keenly aware of our responsibility towards SMEs. Our products — such as contactless payments — enable digital commerce, so it’s our duty to help secure it.” According to Mastercard research, nearly one in five SMEs globally that experienced an attack then filed for bankruptcy (18%) or closed the business (17%) — the threat can be existential.

Easy steps to improving your cybersecurity

First, Van den Broeck suggests they visit the Mastercard Trust Centre, which provides easy online access to free education research, resources, tools and learning content which has been specifically designed to help protect SMEs from cybercrime. This is relevant if you’re just setting up in business — or if you’re an established SME owner who wants to take your security know-how to a higher level.

After all, knowledge is power; it must be made affordable, accessible and understandable for small business owners and their staff. “For instance, our resources include information about the real-life tactics that cybercriminals and fraudsters use,” notes Van den Broeck. “We’re not trying to scare people. We want to empower them to make qualified decisions about the type of requests they respond to and the sort of links they click on.”

Why consistent monitoring for vulnerabilities is key

Second, Mastercard has developed a suite of products and solutions to help small and medium-sized businesses detect and monitor cyber risk across their digital ecosystems, make easy fixes and practice good IT hygiene. Van den Broeck says: “They’ll also show them how best to use these products and offer them IT support, knowledge and awareness.” In Ireland, Mastercard also partners with Technology Ireland ICT Skillnet to provide free access to the Global Cyber Alliance’s cybersecurity toolkit for small businesses.  

The final step concerns consistency. “Cybersecurity can’t be a ‘one-off’ because, as technology evolves, so do the capabilities of the cybercriminal,” explains Van den Broeck. “Your business may be safe today but insecure tomorrow because, without consistent monitoring, your technical estate will always be prone to vulnerabilities.”

The cybersecurity landscape has changed for everyone, and busy SMEs are easily diverted and extra vulnerable. “Cyber risk is now a business risk,” says Van den Broeck. “Cybersecurity tools and solutions should be central to any organisation, whether they’re small, medium or multinational.”

Next article