Skip to content

Top Cybersecurity Threats Facing Swiss SMEs in 2024

Cybersecurity threats are on the rise, and no business is immune. According to a study by Digitalswitzerland and the Mobiliar, “every tenth SME in Switzerland has already been a victim of a cyberattack, and 55% of those affected reported financial losses.” This alarming trend highlights the growing importance of cybersecurity for small and medium-sized enterprises (SMEs).

Despite the increasing awareness, many SMEs struggle to implement effective security measures. A survey conducted by gfs-zürich revealed that “only 56% of Swiss SME leaders feel well-informed about cyber risks,” indicating a significant gap between awareness and action. This gap is particularly concerning given that “around one-third of surveyed Swiss companies were affected by cyberattacks in 2021” .

Cybersecurity is critical for SMEs in Switzerland due to their unique vulnerabilities. Unlike larger corporations, SMEs often lack the resources to invest heavily in robust cybersecurity infrastructures. They rely more on external IT service providers, yet “only about half of these providers have recognized security certifications,” as noted by Andreas Kaelin, CEO of Allianz Digitale Sicherheit Schweiz. This reliance can leave SMEs exposed to potential supply chain attacks and other risks.

In this article, we will explore the top cybersecurity threats facing Swiss SMEs in 2024 and provide actionable insights to help mitigate these risks. By understanding these threats and taking proactive measures, SMEs can protect their assets, maintain their reputation, and ensure business continuity in an increasingly digital world.

#1 Phishing and Social Engineering Attacks

Phishing and social engineering remain some of the most prevalent cyber threats. Phishing involves cybercriminals sending fraudulent emails that appear legitimate, tricking recipients into disclosing sensitive information like passwords or credit card numbers. Social engineering manipulates individuals into revealing confidential information through deceptive interactions, such as phone calls or social media messages.

These attacks exploit human psychology, targeting employees to gain access to critical systems and data. The potential damage includes financial loss and significant reputational harm. According to a study by Digitalswitzerland and the Mobiliar, “slightly more than half (56%) of respondents feel rather or very well informed about cyber risks,” yet many still fall victim to these scams.

To mitigate these risks, SMEs should:

  • Conduct regular phishing awareness training for employees.
  • Implement email filtering solutions to block suspicious messages.
  • Use multi-factor authentication (MFA) to add an extra layer of security.

#2 Ransomware Attacks

Ransomware is a type of malicious software that encrypts a victim’s data, rendering it inaccessible until a ransom is paid to the attacker. Typically, these attacks begin with a phishing email or exploiting a vulnerability in the system. Once the malware is installed, it quickly spreads, locking files and displaying a ransom note demanding payment, often in cryptocurrency.

The impact of ransomware attacks can be devastating. They can halt business operations, leading to significant financial losses and downtime. According to a study by gfs-zürich, “around one-third of surveyed Swiss companies were affected by cyberattacks in 2021” with ransomware being a common threat. The financial impact includes ransom payments, costs for system restoration, and potential fines for data breaches.

To mitigate the risks of ransomware attacks, SMEs should implement the following measures:

  • Regularly backing up data and storing backups offline.
  • Keeping antivirus and anti-malware software updated.
  • Training employees to recognize and avoid suspicious links and attachments.

#3 Insider Threats

Insider threats refer to security risks originating from within the organization, typically involving employees, former employees, contractors, or business associates who have access to sensitive data and systems. These threats can be categorized into two types:

  1. Malicious Insiders: Individuals who intentionally exploit their access to harm the organization. They might steal data, sabotage systems, or share confidential information with competitors.
  2. Negligent Employees: Individuals who, through carelessness or lack of awareness, compromise security. This can include using weak passwords, falling for phishing scams, or mishandling sensitive data.

Insider threats can lead to severe consequences, including data breaches and intellectual property theft. Such incidents can result in financial loss, legal repercussions, and damage to a company’s reputation. According to a study by Digitalswitzerland, “11% of SMEs reported significant efforts were needed to recover from cyberattacks, with many involving insider threats.”

To mitigate the risks posed by insider threats, SMEs should implement the following strategies:

  • Implement strict access controls to limit data access to only those who need it.
  • Monitor employee activity for unusual behavior.
  • Conduct regular security audits and background checks on employees.

#4 Vulnerabilities in Remote Work Environments

The increase in remote work has introduced new security challenges for SMEs. While remote work offers flexibility and convenience, it also exposes businesses to potential cyber threats. Employees working from home often rely on unsecured home networks and personal devices, which are typically less protected than corporate environments.

Potential Risks:

  • Unsecured Home Networks: Home Wi-Fi networks may lack the robust security measures found in corporate networks, making them more susceptible to cyberattacks.
  • Use of Personal Devices: Employees using personal devices for work can introduce vulnerabilities, especially if these devices are not properly secured or updated.
  • Lack of Physical Security: Remote work environments might not have the same level of physical security controls as office settings, increasing the risk of device theft or unauthorized access.

To secure remote work environments, SMEs should:

  • Require the use of Virtual Private Networks (VPNs) for remote connections.
  • Enforce security policies for personal devices used for work.
  • Provide secure collaboration tools and train employees on their proper use.

#5 Supply Chain Attacks

Supply chain attacks occur when cybercriminals infiltrate a company by compromising a third-party vendor or service provider that has access to the company’s data or systems. These attacks can be particularly devastating for SMEs, which often rely heavily on external partners for various services.

In a supply chain attack, attackers exploit vulnerabilities in a vendor’s security to gain unauthorized access to the primary company’s network. Once inside, they can steal sensitive data, introduce malware, or disrupt business operations. These attacks can go undetected for extended periods, allowing attackers to cause significant damage.

Cascading Effects of Supply Chain Attacks:

  • Operational Disruption: Compromised systems can lead to downtime, halting business operations and causing delays in service delivery.
  • Data Breach: Sensitive information, including customer data and intellectual property, can be stolen, leading to financial losses and reputational damage.
  • Legal and Compliance Issues: Companies may face legal consequences and regulatory fines if they fail to protect customer data adequately.

SMEs can mitigate supply chain risks by:

  • Conducting thorough due diligence on vendors and their security practices.
  • Implementing supply chain security best practices.
  • Maintaining a robust risk management plan.

#6 Cloud Security Issues

Cloud services offer many benefits but also introduce security challenges, such as misconfigurations and vulnerabilities. Breaches in cloud environments can lead to significant data leaks and service disruptions. The increasing reliance on cloud applications means “cloud services pose risks such as outages, cyberattacks, unauthorized access, and data loss”.

Common Cloud Security Vulnerabilities and Misconfigurations:

  • Misconfigured Storage Buckets: Publicly accessible storage buckets can expose sensitive data to unauthorized users if not properly configured.
  • Inadequate Access Controls: Weak or improperly managed access controls can allow unauthorized access to cloud resources.
  • Unpatched Software: Outdated software and unpatched vulnerabilities in cloud applications can be exploited by attackers.
  • Insufficient Monitoring: Lack of continuous monitoring can result in undetected breaches and unauthorized activities.

To enhance cloud security, SMEs should:

  • Use encryption to protect data stored and transmitted in the cloud.
  • Conduct regular security assessments and audits of cloud configurations.
  • Follow shared responsibility models to understand the security responsibilities of both the cloud provider and the user.

#7 AI and Machine Learning Threats

The rapid advancement of AI and machine learning technologies has revolutionized many industries, including cybersecurity. However, these same technologies can be used maliciously by cybercriminals to conduct sophisticated attacks. AI can automate and enhance various aspects of cyberattacks, making them more effective and harder to detect.

Potential AI and Machine Learning Threats:

  • Sophisticated Phishing Attacks: AI can generate highly convincing phishing emails tailored to individual targets by analyzing their online behavior and preferences. This increases the likelihood of successful phishing attempts.
  • Automated Attacks: AI-driven tools can scan for vulnerabilities, launch attacks, and adapt strategies in real-time without human intervention. This allows for more frequent and diverse attack patterns.
  • Deepfakes and Social Engineering: AI can create realistic fake videos or audio recordings to impersonate trusted individuals, facilitating social engineering attacks. These deepfakes can be used to deceive employees into divulging sensitive information or authorizing fraudulent transactions.

Evolving Threat Landscape:

  • Adaptive Malware: AI can develop malware that adapts to evade detection by learning from the defenses it encounters. This makes traditional signature-based detection methods less effective.
  • AI-Powered Botnets: Botnets controlled by AI can manage large-scale attacks more efficiently, distributing malicious activities across numerous compromised devices to avoid detection.
  • Targeted Attacks: Machine learning algorithms can analyze vast amounts of data to identify high-value targets and tailor attacks specifically to exploit their vulnerabilities.

To combat AI-driven threats, SMEs should:

  • Stay updated with the latest security trends and threat intelligence.
  • Invest in AI-driven security solutions to enhance threat detection and response.
  • Continuously improve their cybersecurity posture through training and adopting advanced technologies.


SMEs must proactively address these threats by investing in comprehensive cybersecurity training and solutions. Building a strong cybersecurity foundation is essential to protect against these evolving threats and ensure business continuity.

At the Swiss Cyber Institute, we offer tailored training programs through our SETA (Security Education, Training, and Awareness) Program. Our modules address essential cybersecurity skills, ensuring your teams are equipped to handle current and future challenges.

By investing in training and development in these areas, companies can better prepare themselves against the evolving threat landscape. Explore more about our approach and offerings here.

Global Cyber Conference 2024

The Global Cyber Conference is a leading international cyber security event attended by high-level cyber security stakeholders, policy makers, regulators and academics from around the world.

In 2024, the focus will be on Cloud Security, Al Security, Business Impact and Enterprise Strategy. Each of these focal points will be covered in detail to provide participants with a wealth of knowledge, practical examples and important tools. Check out  the conference programme.

To ensure even better networking and personal interaction between participants, sponsors, speakers and partners of the Global Cyber Conference 2024, attractive networking events are planned in the Zurich area over the course of the year. These are included in the conference ticket package. The next pre-conference networking event will take place on 20 June 2024 at the “Fischerstube Zürihorn”.

The Swiss CISO Awards presented by EY Switzerland will take place on 27 November 2024 at the “AURA” Zurich and is once again an integral part of the Global Cyber Conference. Seize the opportunity to register yourself or honour a colleague for his/her leadership qualities in the field of cyber security. A panel of industry leaders awaits you to evaluate your achievements or those of your nominee. Apply or nominate a CISO today!

Do you have any questions?

Schedule a personal consultation call with our Education & Career Specialist, Fionn Sieber.