Cybersecurity for small and medium-sized enterprises

a lightweight Cybersecurity framework for thorough protection

Latest News Concertation Meeting

The technology leader ATOS presented the SMESEC project, targeted impact, and roadmap. read more

Atos presents SMESEC in a national press note

Atos has released a press note about the SMESEC project in its webpage. read more

Software Product Summit

The university of applied sciences FHNW presented the SMESEC cybersecurity awareness and capability improvement framework for small and medium-sized enterprises. read more

more news

Cyber Threats to SMEs


of all cyber attacks or breaches in 2016 were aimed at SMEs


of SMEs have no systematic approach for ensuring Cybersecurity


of SMEs who were victims of cyber attacks did not recover and shut down within 6 months

Sources: Symantec Internet Security Threat Report & US Securities and Exchange Commission

Small and medium-sized enterprises (SME) are the new big target for cyber attacks. SMEs see themselves confronted 
with a large variety of cyber threats.

survey results

Top Cyber Threats for SMEs

1. Distributed Denial of Service (DDoS)
2. Using Known Vulnerable Components
3. Broken Authentification and Session Management
4. Security Missconfiguration
5. Injection
6. Cross Site Scripting (XSS)
7. Sensitive Data Exposure
8. Garbage Data
9. Internal Threats (Malicious Insiders)
10. Insecure Direct Object References

* according to survey conducted by SMESEC among SMEs

Learn more about all current threats and how to mitigate them, as well as the general importance of Cybersecurity for SMEs.


The SMESEC framework

 & Training Tutorials
Definition & Recommendation Tools
Vulnerability Discovery & Resolution Tools
Threat Protection 
& Response Tools
Lessons from Testing & Validation

SMESEC is a lightweight Cybersecurity framework for protecting small and medium-sized enterprises (SME) against Cyber threats. As an SME, you find vulnerabilities and address them with simple tutorials, tools, and lessons-learned – all by yourself.


Benefits from using the SMESEC framework

Do it yourself

Step-by-step guidance for 
meeting customer requirements 
and standards

Keep the investment small

Cost-effective tutorials 
and tools suitable for a busy environment

Keep it simple

Practices adapted to your company instead of complicated 
formal policies and procedures

The SMESEC consortium understands the SMEs environment, which may be busy, hectic, and diverse. SMESEC will offer a framework that is based on up-to-date information about Cybersecurity facts and events and makes Cybersecurity available to all employees. The SMESEC framework will allow an SME to build Cybersecurity itself, require just little investment, and avoid complicated formal policy and procedures. The use of the SMESEC framework will make Cybersecurity accessible for SME and help to prevent and mitigate cyber risks of a large part of the European economy.