**1. Introduction**

The people in large numbers continue to keep pace with rapidly evolving technology and that has led to increased use of computers and mobile devices. This trend was clearly visible during the COVID-19 pandemic when traditional businesses resorted to using modern technologies and became dependent on applications such as QR codes and contactless payments. Against that background, the hackers took advantage of the prevailing circumstances to exploit the vulnerabilities of technology and systems, and the level of risks to privacy and national security became a serious concern to the respective authorities.

This environment became hackers' paradise and directly or indirectly provided them with an ideal opportunity to steal personal data and sell them to third parties in return for financial benefits. They targeted large companies as well as Small and Medium-sized enterprises (SMEs). The SMEs switched to new technologies to maintain their business during the COVID-19 pandemic, but they invariably failed to increase the security aspects of the new systems due to financial constraints. Some researchers have pointed out that well-prepared organizations were able to deal with cyber incidents more efficiently than those that failed to anticipate and plan to address the reality of cyber threats due to the lack of adequate capabilities [1]. Statistically, SMEs represent more than 99% of all businesses in the UK, and given the importance of this commercial sector, the impact of disproportionate financial resources on the operational and reputational of the SMEs is of serious concern [2]. It is therefore crucially important to understand the threats early and act on them to prevent unimaginable repercussions.

SMEs have a unique working model forming the backbone of the UK economy. According to the Federation of Small Businesses (FSB) UK business statistics, there were 5.5 million small businesses at the start of 2021 [3]. The statistics showed SMEs accounted for 99.9% of this business population making up three-fifths of the employment and half of turnover in the UK private sector. These statistics verify how important the SME ecosystem is in providing an important cog to the growth and economy of a developed country. SMEs have an important role to play begging the question of how their usage of emerging technologies is keeping their data and business safe online. A paper by Daniel and Andreas [3], explores these emerging technologies especially the use of Artificial Intelligence (AI) and Machine Learning (ML) as both offense and defense mechanisms, for the hacker, and the end user. Daniel and Andreas identify and evaluate AI-related use cases that have a high impact potential on the cyber security level of SMEs, in particular highlighting the challenges of SME's environment being low in resourcing and challenges in their financial capabilities. AI and ML can be utilized for the defense against cyber threats especially malicious software (Malware). Attacks can easily be obtained from the dark web via malwareas-a-service (MAAS) making the underworld choices easier to conduct. Hackers with limited knowledge are able to use AI technology in order to create chaos and havoc in cyberspace. Traditional signature-based security systems can detect only 75–95% of untargeted mass malware attacks compared to 27% of targeted malware cyber-attacks [4] according to Daniel and Andreas. The detection rates of IT systems that do not use any form of AI cannot be sustained at the same level of security and protection when attackers are also using modern levels of AI methods to attack IT systems.

According to a study by Rawindaran et al. [5], over one million new types of malwares are created each day by malicious hackers. These types of malwares try to infiltrate networks increasing the threat of network attacks, driving the usage and demand for the use of AI and ML-driven intrusion detection protection systems (IDPS) being used throughout the SME market. These systems come with many challenges that include the cost of buying and maintaining the system and resourcing skilled engineers to maintain these systems in order to create a healthy and safe environment within their business [5]. Rawindaran et al. also explored a cost model to understand the outcome of SMEs' decision-making, in getting the right framework in place in securing their data. An experiment was conducted comparing different software vendors in understanding the information captured using AI and ML technology to stop zero-day attacks. The requirements of the UK General Data Protection Regulations Act (GDPR) were also acknowledged as part of the broader framework of the study. ML techniques such as anomaly-based intrusions did show better detection through a commercially subscription-based model for support from Cisco compared

*Detection and Minimization of Malware by Implementing AI in SMEs DOI: http://dx.doi.org/10.5772/intechopen.108229*

to that of the Open Source model which required internal expertise in ML. Finding a balance between IT expertise and the costs of products that are able to help SMEs protect and secure their data, will benefit the SMEs from using a more intelligent controlled environment with applied ML techniques, whilst not compromising on costs. This research work also focuses on evaluating techniques for managing big data and detecting malware within SMEs.
