The European Union Agency for Cybersecurity (ENISA) published a report and a guide identifying the cybersecurity challenges SMEs face today, and issued recommendations. The report identifies Phishing attacks; Web-based attacks; General malware; Malicious insider; and Denial of Service as the most common cyber risks SMEs face. The report recommends several measures to address the above challenges and risks, which are divided into three groups: people-based, process-based, and data protection and technical measures.