By Dipesh Kaura
Technology for MSMEs: The MSME sector is rightly hailed as the growth engine of the Indian economy. It comprises 6.33 crore (and counting) MSMEs which employ nearly 11 crore people and contribute to around 30 per cent of the country’s nominal GDP. As a sector, it is posting a double-digit growth rate year on year. The importance of MSMEs cannot be overemphasised in an India striving to achieve a $5 trillion economy.
Yet, it is also true that the Indian MSME sector is far from running full steam ahead. If its technology adoption rate is low around 37 per cent, that for software-as-a-service is down to a meagre 7 per cent. This reflects the untapped potential within the market as well as the inability to scale rapidly. There is a variety of reasons for this performance, the chief being a lack of resources as well as that of technological know-how. However, when you factor in the policymaking support the sector continues to receive in the form of Make in India, Aatmanirbhar Bharat, ECLGS scheme and more, one must dig deeper
At the core of the MSMEs’ slow approach towards technology adoption is the worry over the safety of their digital assets. They are overwhelmed by the sheer variety of platforms they need to use and the capabilities required to productively manage their presence across all. The only way to create an environment of confidence around the use of technology is by addressing deep-seated anxieties related to the security of data and identities online.
Understanding MSMEs’ security need
For as many as 99.4 per cent of the 6.33 crore MSMEs in India, which are micro enterprises, the investment in plant and machinery does not exceed Rs 25 lakh. Small enterprises make up only 0.52 per cent of this number, coming to 3.31 lakh businesses in all. Medium enterprises, with investments of Rs 5-10 Crore, add up to just 5,000 approximately. Thus, around 95 per cent of India’s MSMEs would face a serious existential crisis in the event of a cybersecurity incident.
It is also true that incidents of cybercrimes against enterprises have spiked in the post-Covid era. In 2021, nearly 62 per cent of small businesses in India had been the target of cyberattacks that cost them upwards of Rs 3.5 crore in damages. It shows how small businesses are no longer seen as too small for an attack by cybercriminals. Stakes being so high, MSMEs are wary of internet-enabled technology that brings additional vulnerabilities to their system, its massive benefits notwithstanding.
The most common types of cyberattacks faced by MSMEs today are ransomware, cryptojacking, phishing, password targeting attacks, and advanced persistent threat (APT) attacks. For MSMEs to protect themselves against such a complex-looking multi-fold problem, the solution must be easy to adopt and affordable to access.
Subscribe to Financial Express SME newsletter now: Your weekly dose of news, views, and updates from the world of micro, small, and medium enterprises
The zero trust model of cybersecurity delivers the comfort of all-round security of a business’s digital assets. It is particularly effective because it acts where more than 80 per cent of cyberattacks originate: in the misuse of credentials within the network.
What is zero trust
As the name suggests, the zero trust security framework requires all users (external and internal) on a network to be continuously validated, authenticated and authorised for access to applications and data. A system where none can avoid credentials checks and validation procedures. Common modalities of zero trust include multi-factor authentication, advanced endpoint security and protection, and cloud technology.
Because a zero trust model assumes no boundaries to its application, it is perfectly suited to the hybrid work conditions of today. It also happens to be the futuristic approach for the same reason.
How MSMEs can transition
The zero trust model phases out the one-time verification process to activate the verify-always approach. It means establishing a network that ensures MSMEs are always in control of the various identities being used to access various devices and data.
The setup is known to be elaborate and it consumes time and resources as you need to upgrade the IT infrastructure, which may include devices. It can seem a bit overwhelming as MSMEs usually strive to protect cash flows as well as the time on hand for their limited staff. This is where the MSME’s small size becomes a big advantage: a one-time investment transitioning towards zero trust compounds its effect over time, making the business more secure and viable over the long term.
As an added benefit, the zero trust model can make MSMEs more confident about adopting new and advanced technologies across their business without a worry. All they need is the right provider who helps their organisation transition to the zero trust framework, and facilitates incremental progress, with the benefit of readily available technical support that includes cybersecurity training for their staff.
Dipesh Kaura is General Manager at Kaspersky South Asia. Views expressed are the author’s own.