Skip to content Skip to Search
Skip navigation

Information security for SMEs: available option or uphill battle?

searchinform MSS Alamy
SearchInform analysts work with the client to configure a protective system and then monitor it on a daily basis
In association with

by Lev Matveev, chairman of board of directors at SearchInform

If you search for “data leaks” online in the UAE one of the first results will be a column named Top 10 Cybersecurity Breaches in the United Arab Emirates. This is an interesting but alarming report containing a round-up of infamous incidents and revealing that the risks of data leaks are real and actual, and that their consequences are severe.

Today all businesses have something to lose. They keep customer databases, financial reports, employees’ personal details, technical data and much more. Such data loss or any misuse can lead to critical consequences, ranging from large financial and reputational damage to legal claims or even bankruptcy.

That is why more and more businesses strive to ensure their data is protected. However, not all of them succeed.

In this column I will reveal the factors that constrain efficient data protection and whether there is a solution to the problem.

Protection and solutions

Ensuring protection against data leaks and corporate fraud is difficult and expensive. It is not like antivirus or firewall protection that you can simply deploy and then forget about. 

This is because data leaks and complicated fraud schemes don’t happen in seconds; they require preliminary preparations including data analysis and investigation. This means protection against them must be permanently administered by an information security (IS) officer.

Here we come across the first difficulty: the necessity to hire an IS officer who will work with the protective software. Many organisations cannot afford to hire such a specialist – and there’s another even more serious issue – the severe lack of experienced IS experts on the market. 

The UAE alone lacks more than 30,000 such specialists, according to research by ISC2, the cybersecurity professionals members’ association.

This issue is especially relevant for small and medium-sized businesses (SMEs). The task of hiring such an expert is a difficult one, both in terms of finance and HR.

It is extremely expensive to maintain the systems that protect against data leaks and corporate fraud. Large corporations can usually easily afford to buy the software and the hardware, but SMEs – and also many governmental bodies – often lack the required budget.

From a human resources perspective, skilled and experienced IS professionals tend to choose sustainable large corporations, where they can deal with a wide range of practical tasks. 

All in all, SMEs cannot compete with large corporations for IS experts, and as a result they remain unprotected.

But remaining unprotected can lead to financial and reputational losses – as well as fines imposed by regulators.

So what can be done in these circumstances?

Lev Matveev, chairman of board of directors at SearchInform, which has more than 4,000 clients in sectors ranging from banking and retail to media and manufacturing

Once upon a time taxis were the prerogative of wealthy people only. However, with the development of services such as Uber, taxis gradually became more available and now they are across the globe and many more people can afford to use them. 

“Market Uberization” – the process of shifting from goods to services, with customers preferring the flexibility of using products when needed instead of owning things – breaks new grounds.

This trend has also influenced the information security sphere, embodied in the form of “managed security services” (MSS).

How managed security services works

MSS involves outsourcing information security management. Customers pay a monthly subscription to rent the protective software and hardware, which is managed by a dedicated IS analyst. 

MSS is the response to the market request, enabling businesses to overcome challenges and making security more available.

At SearchInform, for example, dedicated analysts are there to ensure protection against a wide range of internal threats such as data leaks and corporate fraud, including document forgery, kickbacks and moonlighting; providing regulatory compliance and controlling employee productivity.

To set things up a SearchInform analyst will work with the customer to configure a protective system according to their requirements and tasks. Once the software is configured the IS analyst will monitor the system on a daily basis to prevent any incidents and will immediately contact the customer in the case of any violations. 

The customer will also regularly receive detailed security reports to ensure there is total transparency.

Therefore with no need to purchase individual software licences and hardware, and at zero human resources costs, the customer gets complex business protection.

More than security

MSS is not limited to preventing data leaks.

Professional IS analysts can help to solve a wide range of adjacent tasks such as monitoring employee work processes, detecting cases of employee idleness or those working extra hours, exposing cases of spreading negativity in the team and detecting and preventing document forgery and file deletion and much more. 

Outsourcing internal information security tasks is most useful for C-level employees, IT and IS specialists and HR managers. They can set additional tasks in the system, including even the most complicated atypical ones that at first glance may seem unrelated to information security. 

To remain one step ahead it is important to be aware of the existing issues in a timely manner – and SearchInform analysts can help. 

If an employee is planning to resign, for example, the analyst can quickly reconfigure access rights to exclude any possibility of confidential data being stolen. HR specialists within the business will also need to either try to retain the employee or find a substitution in advance, which the analyst will help with.

The MSS service can also prevent significant financial losses caused by an employee’s fraudulent actions. 

For example, an insurance company with a remote branch with 10 employees had remained unprofitable for a while. It chose to sign up to SearchInform’s MSS service and the analysts discovered that one employee had been issuing insurances retroactively – his acquaintances, who needed insurance to cover their expenditures, paid the exact amount to him, who then forged documents and issued the insurances. 

The company had lost more than AED50,000 ($13,600) a year due to one malicious employee’s actions.

Accessible and cost-effective

MSS makes information security more accessible to all businesses, allowing them to avoid spending large amounts of money on protective software licences and hardware. 

Businesses who sign up to MSS will get protection within a few days, while buying their own in-house protection software and hiring an IS officer can take up to a few months. 

In addition to data protection, MSS information security analysts also ensure complex protection against internal threats including productivity issues, theft, corporate fraud and malicious behaviour, thus enhancing the efficiency of business processes.

Contact SearchInform

SearchInform offers a free 30-day trial, during which it will audit your business protection and reveal any weaknesses. Sign up for the free trial today.

Latest articles

Gulf airlines, Gulf airlines conflict, Gulf conflict risk, Gulf flights cancelled rerouted

Conflict risk leads Gulf airlines to cancel regional routes

Gulf airlines are among airlines that have cancelled and rerouted flights across the Middle East as the conflict between Iran and Israel escalates. They are avoiding Iranian airspace and many have cancelled routes entirely following a major missile attack by Iran against Israel on Tuesday. Immediately after the attacks about 80 flights operated by carriers […]

Taaleem's schools offer 'exclusive educational experiences' including access to high-tech equipment profits

Dubai school operator Taaleem increases profit by 55%

Dubai school operator Taaleem has reported revenue of AED945.2 million ($257.3 million) for its 2023-24 financial year – a 15.5 percent year-on-year increase. More student enrolments and the opening of new schools helped Taaleem to increase net profit before tax by 55 percent, to AED182 million, in the financial year ending August. Taaleem’s shares were […]

Shein IPO

Mubadala-backed Shein courts investors before London IPO

Chinese fashion retailer Shein, which is backed by the Abu Dhabi sovereign wealth fund Mubadala, is courting European investors before an initial public offering on the London Stock Exchange. Shein is due to hold informal meetings to answer questions and test the investment appetite of major investors in the coming weeks, before its planned IPO […]

Workers stand on a scaffold in Dubai. Building a high rise in the UAE can be as much as two thirds cheaper than in other major cities

Apartments in UAE among cheapest to build in the world

Building a standard residential high-rise in Dubai or Abu Dhabi is up to two-thirds cheaper than in other major global cities, thanks to land, labour and raw materials all costing much less. Land is up to three times cheaper in the UAE compared with the prices paid in New York, London, Hong Kong and Singapore […]