Skip to main content
Search by keyword
Cybersecurity made simple: new playbook for Europe’s small businesses from the Squad 2025

Cybersecurity made simple: new playbook for Europe’s small businesses from the Squad 2025

Squad 2025 Playbook

Over the past eight months, Squad 2025, a focus group composed of pledging organisations from the Digital Skills and Jobs Platform, has worked with tireless dedication to create a practical resource to help micro Small and Medium Enterprises (SMEs) strengthen their cybersecurity.

Small businesses are the backbone of Europe’s economy—but they are also increasingly exposed to digital threats, from phishing and ransomware to AI-driven scams.
To help micro SMEs protect themselves, the “Small Businesses- Strong Defences Playbook” has just been published. This practical guide makes cybersecurity achievable, even for organizations with limited budgets or technical expertise.

A step-by-step approach you can actually use

The playbook breaks cybersecurity down into seven preventive steps that focus on reducing risk before an incident occurs:

Figure 1. Seven steps to Cyber Resilience for micro SMEs- Playbook- Squad 2025

Figure 1. Seven steps to Cyber Resilience for micro SMEs- Playbook- Squad 2025


Special focus: AI-driven scams

Artificial intelligence is making scams more convincing, from fake emails and messages to impersonated voices. Small businesses, with limited technical defenses, are particularly vulnerable.

The playbook also focuses on these emerging threats and offers practical measures to reduce risk:

  • Verify unusual requests through a second channel: confirm unexpected emails or messages by phone or separate email.
  • Use multi-factor authentication (MFA): adds a critical layer of protection even if passwords are compromised.
  • Train staff to recognize AI-enabled phishing and social-engineering attacks: build awareness to spot suspicious links, attachments, or lookalike domains.

Even adopting these simple steps can help small businesses stay ahead of increasingly sophisticated threats.

 

Authors and contributors

This publication reflects the dedication of the team behind Squad 2025, who combined expertise and practical experience to create a guide that is actionable, scalable, and directly relevant for small enterprises across Europe.

Manuel Avramescu is an ISC2 Certified in Cybersecurity (CC) professional and EU Policy Manager at ISC2. He brings extensive experience in EU cybersecurity legislation, digital skills policy, and strategic governance, leveraging over 20 years in European public affairs, public administration, and advisory roles to drive innovation, stakeholder collaboration, and resilient cross-sector policy alignment.

Gustavo Frega is the Senior Academic Strategy and Business Partnership Manager for EMEA at ISACA. An accomplished Computer Engineer, he spent over two decades connecting industries, ideas, and people across cybersecurity, IT, and telecommunications.Having worked with brands like Apple, Orange, and Vodafone, he is now focused on creating and expanding partnerships with academic institutions throughout EMEA — helping shape the skills and opportunities of the next generation of digital leaders. He has successfully led teams across the region, creating high-impact B2B models from product conception to go-to-market, consistently delivering measurable results while fostering sustainable growth and lasting collaborations.

Roberto Garrone is a researcher in artificial intelligence and computational modelling and an independent IT consultant supporting micro- and small enterprises in digitalisation, automation, and cybersecurity readiness.

Tony O’Keefe is director for EMEA at the SANS Institute, one of the world’s leading cybersecurity training firms, where he is responsible for supporting SANS clients across the mainland European region. This includes working with Government, Military, Law Enforcement, NATO and the European Union to support the development of information security skills. With more than 15 years at the SANS Institute Tony has been responsible for delivering some of SANS largest and more innovative programmes within the EU including the development of Cyber Security Academies and large-scale training programmes for some of the world’s largest organisations. In addition, Tony has also worked extensively with the EU on high-level initiatives to support the development of CyberSkills within the EU including the EU Cyber Skills Academy and also with ENISA on the development and rollout of the new European Cyber Skills Framework (ECSF). Tony has also worked on the SANS Institute’s Global Cyber Workforce Study.
Before joining the SANS Institute Tony worked for 15 years in Government with over 10 years spent working in the United States working with technology companies including Apple, Google and Amazon. Tony also holds the GSTRT GIAC certification.

Meagan Tudge is senior Manager (EMEA) for SANS’s “Securing the Human” programme.
She champions the mission of transforming cybersecurity awareness from a compliance tick-box into a human-centred habit — helping organisations across Europe build resilient, cyber-savvy teams. Meagan believes that security isn’t only about firewalls and tech — it’s about shaping behaviour, raising awareness, and empowering people to make wise digital choices every day.

 

Even one step makes a difference

Even small actions can have a big impact. By implementing just one of the recommended measures, businesses can reduce exposure to cyber threats, strengthen customer trust, and contribute to a safer European digital ecosystem.

The playbook is available for download here

Cybersecurity starts with action. Start today, secure tomorrow.
 

News details

Website link
Small businesses strong defenses: Your guide to cyber resilience
Digital technology / specialisation
Cybersecurity
Digital skill level
Basic
Intermediate
Geographic scope - Country
Austria
Belgium
Bulgaria
Cyprus
Geographical sphere
EU institutional initiative
Log in to comment

You May Also Be Interested In