*Detection and Minimization of Malware by Implementing AI in SMEs DOI: http://dx.doi.org/10.5772/intechopen.108229*

IDS to promote better hygiene within the cyber interface. Rawindaran et al. took requirements from the UK General Data Protection Regulations Act (GDPR) as part of the broader framework of the study and further explored ML techniques, showing better detection through a commercial subscription-based model with support from Cisco than through the Open-Source model, which required internal expertise in ML. The study went on to discuss the tension between IT expertise and product costs in helping SMEs protect and secure their data, and the benefits of moving to an intelligently controlled environment without compromising on costs. Kshetri [27] added that:

*"Cybersecurity company Blue Voyant's survey found that 97% of firms had been impacted by a cybersecurity breach in their supply chain, and 93% had suffered a direct cybersecurity breach due to their supply chains' weaknesses." [27].*

There are various points in an SME business at which malware can establish a presence, and Kshetri's study explores the various elements that contribute to the health of SMEs. Part of the vulnerability lies in the supply chain partners on which SMEs rely heavily. These take the form of third-party software, managed service providers (MSPs), IT vendors and other providers of software and its content, vendors in a physical capacity, and non-IT contracting vendors. For third-party software, the vulnerability lies in the "implanting" of malicious code within the software. Understanding where this software comes from and how it is managed within the supply chain can be a challenge and a barrier. For MSPs, the risk lies in the reliance on MSPs pushing out updates, which could contain malicious code from their own supply chain, as part of their service of remotely monitoring managed computers. For IT vendors and partners, both virtual and physical, the vulnerability is the installation or injection of malicious code through an attack on these vendors before products are shipped or provided to businesses. Lastly, non-IT contracting vendors are used as a platform to gain access to privileged resources to target the business. For each of these supply chain elements, Kshetri gave examples, such as the attack on Equifax in 2017, showing a compromise of 146.6 million social security numbers and personal data. In the attack on Kaseya in 2021, victims came from 17 countries, with nearly 1500 businesses targeted. SolarWinds was breached in 2020, with an impact on 18,000 of its customers through the installation and injection of malicious code. Most recently, in August 2022, Advanced, a company that provides software for the NHS, experienced a ransomware attack in which patient data was the target. As a supply chain provider, Advanced supplied the NHS with services that included patient referrals, ambulance dispatch, out-of-hours appointment bookings, mental health services, and emergency prescriptions, as reported by The Guardian [28].

Research consistently shows ways to overcome malware attacks from the various angles of business management, technology management, and of course human awareness within the SME. A paper by Cruzado et al. [29] suggested that SMEs develop a "HOGO" reference framework based on two regulations, ISO 27002 and ISO 27032, for cybersecurity. The "HOGO" framework in this study applies good practices relating to internet security, critical infrastructures for information, network security, and information security, covering all aspects of the SME business [29]. Cruzado explains that the framework is a combination of ISO 27002, which provides good controls for information security, and ISO 27032, which provides good practices and recommendations. Both take into account the risks of the context for the security of the company's information. Using regulations can help identify supply chain partners with high cybersecurity risks (e.g., the U.K.'s Cyber Essentials) and reduce vulnerability in third-party software through frameworks such as "HOGO."

### **2.3 Big data risks**

This section relates to the essentials of the big data collection process, which draws on several sources such as Wireless Sensor Networks (WSN) and other IoT sensors. Data collection is the procedure of gathering significant information to evaluate outcomes, and it has become increasingly important since the explosion of big data and the development of new technologies. SMEs collect an increasingly large amount of data, with information flowing into departments from many directions. For the data that SMEs collect to be meaningful and actionable, it needs to be provided in real time so policy makers or managers can make decisions based on understanding the situation as it is, and not as it was. Thus, what technology is needed to make the most of up-to-the-moment data, besides developing and modifying policies to make the most of up-to-date data?

Big data refers to collecting and managing data in three forms: High Volume, High Velocity, and Wide Variety. Big data management refers to the effective procedure that focuses on the management and usage of structured and unstructured data. Its main purpose is to attain high data quality and accessibility for big data applications that influence the performance of the organization [30]. Appropriate oversight of data throughout its life cycle is important to optimize its utility and minimize potential errors.

The most crucial aim with big data is to guarantee that the data is captured from its sources and stored securely, so it includes good data protection to avoid cyber risks. Big data management is challenging, and it has a vital role in managing the organization's data; it is a useful technique that companies follow to maintain or preserve data. The critical role of exploring and analyzing a large quantity of data is to discover effective patterns in it. The business organization/SME aims to generate products and gain insight from this big data to improve its product achievements.

Recent technological developments in the field of communication still struggle with internet connectivity issues, which has led to the development of Wireless Mesh Networks (WMN). A WMN is a form of wireless communication that uses the multi-hop concept to connect multiple devices in the same grid area [31].

The multi-hop nature of WMN, coupled with the few security mechanisms employed, makes it mandatory to secure WMN against external attacks and malware. Security clearly needs more attention in WMN. Wireless Sensor Networks (WSN) enable communication between devices, and Radio Frequency Identification (RFID) allows this category of devices to collect data. The amount of data collected from WSN puts entities at risk, as they become more easily identifiable through unauthorized processing, which can violate data protection laws such as the General Data Protection Regulation (GDPR). For any data breach, the data controller will pay fines under GDPR (4% of annual turnover or 20 million) or under evolving data protection laws [32]. There are many security concerns related to wireless communication, network transmission, information processing, and privacy. In addition, two types of security parameters must be upgraded: encryption and authentication.

Business organizations/SMEs perceive that collecting more data yields insights and offers greater knowledge and greater benefit to the organization, and that data minimization will limit the success of some specific applications.

Big data also has a large impact on security performance, and this impact should be evaluated. Gathering mass amounts of data using WSN can be acceptable only if the benefits outweigh the risks to the privacy and security of personal data. Securing personal data has therefore become a significant challenge in the face of growing malware and data risks [33]. More remains to be done to address the privacy and security concerns of the collected data, as explained in the previous Section 2.1.

Technology development is predicted based on the data collected from a particular application, so it is important to examine the collected data and detect any deviations in order to report errors. This can be done by applying artificial intelligence, such as machine learning algorithms that help to detect malware. Predictions are made by different data mining approaches using the data set gathered through the networks. Sophisticated algorithms are mainly used to predict and detect malware. Further investigation of the potential malware risk is recommended to optimize security in SMEs.

### **2.4 Artificial intelligence for defense mechanism**

There are high risks with big data in SMEs, and it is crucial to protect this data by establishing security and using a secure protocol that can contribute to preventing various types of attacks. A novel method that applies a metaheuristic algorithm is suggested for security and protection. Metaheuristic algorithms are general-purpose algorithms that can be applied to a wide range of optimization problems, with only minor alterations and modifications to the basic algorithm definition. Most metaheuristic techniques attempt to mimic biological, physical, and natural phenomena. Many heuristic and metaheuristic algorithms have been applied to improve solution quality and solve large, complex network optimization problems of maintaining QoS, and they have been shown to be important tools in a variety of disciplines. Metaheuristic methods can be developed to determine the best location to place the infrastructure and data to optimize security and reduce the risks that arise [34, 35].
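The placement idea above can be illustrated with simulated annealing, chosen here as one representative metaheuristic since the chapter does not name a specific one. This is an added example, not code from the chapter or its references; the host names, exposure scores, sensitivity weights, and sizes are constructed sample data, and the risk function is an assumed simple model.

```python
import math
import random

# Constructed sample data: host -> (exposure score 0..1, storage capacity).
HOSTS = {"dmz-web": (0.9, 10), "office-nas": (0.5, 6), "isolated-vault": (0.1, 5)}
# Constructed sample data: data set -> (sensitivity weight, size).
DATASETS = {"customer_pii": (10, 3), "payroll": (8, 2), "backups": (6, 3),
            "sensor_logs": (2, 4), "marketing": (1, 3)}
# Deliberately poor but feasible starting placement (a local minimum:
# no single feasible move lowers the risk, so greedy search is stuck).
INITIAL = {"customer_pii": "dmz-web", "payroll": "dmz-web", "backups": "office-nas",
           "sensor_logs": "isolated-vault", "marketing": "office-nas"}

def risk(placement):
    """Assumed risk model: sensitivity of each data set times host exposure."""
    return sum(DATASETS[d][0] * HOSTS[h][0] for d, h in placement.items())

def feasible(placement):
    """True if no host stores more than its capacity."""
    load = dict.fromkeys(HOSTS, 0)
    for d, h in placement.items():
        load[h] += DATASETS[d][1]
    return all(load[h] <= HOSTS[h][1] for h in HOSTS)

def anneal(start, steps=20000, temp=5.0, cooling=0.9995, seed=1):
    """Simulated annealing: accept worse placements with probability
    exp(-delta/temp) so the search can escape local minima."""
    rng = random.Random(seed)
    current, best = dict(start), dict(start)
    for _ in range(steps):
        candidate = dict(current)
        candidate[rng.choice(list(DATASETS))] = rng.choice(list(HOSTS))
        if feasible(candidate):
            delta = risk(candidate) - risk(current)
            if delta <= 0 or rng.random() < math.exp(-delta / temp):
                current = candidate
                if risk(current) < risk(best):
                    best = dict(current)
        temp *= cooling  # geometric cooling schedule
    return best

if __name__ == "__main__":
    result = anneal(INITIAL)
    print(round(risk(INITIAL), 2), "->", round(risk(result), 2), result)
```

The starting placement can only be improved by first moving the low-sensitivity sensor logs to a more exposed host, which frees the isolated host for the sensitive records. Accepting that temporarily worse move is what distinguishes the metaheuristic from a greedy search.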

Conversations and collaboration have taken place around making sure the necessary infrastructure is put in a secure place to help these SMEs succeed. The world is becoming smaller and smaller, so we need to bet on these digital innovations and help SMEs to reach out to secure markets where there is no longer a traditional definition. It is also important to consider the environmentally sustainable financial issues that are built to support these sectors. The overall vision is to optimize security and reduce malware risk in SMEs, building on the recent technological revolution and using AI approaches.
