Anna Sarri from Enisa: SMEs are Facing Major Cybersecurity challenges

Cyber security expert Anna Sarri from the European Union Agency for Cybersecurity, ENISA

It was a pleasure to have a cyber security expert Anna Sarri from the European Union Agency for Cybersecurity, ENISA speaking in our Cynic-webinar Cyber Security Awareness – Insights from ENISA on 7th of December. Already for 15 years, the EU Agency for Cybersecurity has been pushing forward cybersecurity initiatives to help small and medium-sized enterprises (SMEs).

SMEs represent 99% of all businesses in the EU and employ around 100 million people. The Covid-19 pandemic forced SMEs to rethink their digital capabilities. Remote work increased and followed by growing cyber threats, SMEs are facing major Cybersecurity challenges.

Anna Sarri told us about a survey that was made in Europe. 85 % of the SME´s feels that cyber security is a key concern for business. It also seems that the concern is not going to be smaller because cyber security threats become more and more complicated. About 84 % of attacks relay in social engineering.


This is the first page of Anna Sarri´s presentation. It is written Cyber Security Awareness – Insights from ENISA


Cyber security consists of three parts: people, process and technology

Based on the survey Anna Sarri wants to point out cyber security issues for everybody to think about:

Train your staff, provide security awareness knowledge and education. Create a strong cyber security policy; strong passwords and data protection principles helps you to keep processes structured. Take care of technology, update devices, antivirus and backups.


This is a slide from Anna Sarri´s presentation. There i 4 ways how Enisa is supportin SME´s


When it comes to ransomware attacks, here come some important points: Backups are an effective method to recover from a ransomware attack, strong password policy and employee awareness are key methods to prevent them, and if using RDP for remote access ensure it is secured.

Especially nowadays, when a huge amount of people is working remotely the risk for stolen laptop is prominent. To prevent accidents always ensure all the portable devices are encrypted and also provide security awareness to staff on the risks.

CEO fraud can cause big troubles and financial loss. Ensure all staff, especially those in privileged role such as finance, follow written processes and procedures. Ensure management will not discipline staff for when they do follow proper processes and procedures. Provide company systems for staff to communicate securely.


Great role model

The lack of cyber security experts is a real concern for companies of all size and actually for all the society. This is also related to lack of female in the branch. Anna Sarri´s own background lies in computing sciences. In early stage she became interested in cyber security and by time she joined ENISA. Anna is a great role model, she shows that a career in cyber security is exciting and promising for women.


This is a sceenshot from Annan Sarri at the webinar 7th December, when she had her presentationKeynote Speaker: Anna Sarri

Cybersecurity Officer at European Union Agency for Cybersecurity (ENISA)

Anna is a Cybersecurity Officer in Capacity Building Unit at European Union Agency for Cybersecurity (ENISA). She works as a project Manager, supporting SMEs by providing guidance and by raising awareness on cybersecurity issues to improve their resilience against cybersecurity threats. Part of this work is done by promoting and ensuring uptake of information on good cybersecurity practices.


Recent publications about Cybersecurity for SMEs:

SME Cybersecurity — ENISA (

More about Enisa:

Don´t miss Enisa´s YouTube channel: