Latest report has revealed that Small-Medium Business growth plans are held back by insufficient cybersecurity
New study has said despite increased spending in IT, small and medium sized businesses (SMBs) are not prepared for the increased cyber risks that come with growth.
The US-based research firm Analysys Mason said it sought to uncover how SMBs are emerging from the pandemic, and how their business and technology needs are changing.
The survey of 1,150 small and medium sized businesses across the US, Germany, UK and Singapore, also revealed:
SMBs struggle with a lack of expertise and require additional support: Less than a quarter (22%) of respondents felt they were extremely well protected against cyberattacks, and only a minority have internal security specialists or are working with a third party. This means that a large number of SMBs either have no security products in place or these products are managed by non-specialist staff. While there is a significant rise in the number of SMBs working with Managed Service Providers (MSPs) to help address IT issues, around a third of respondents noted they would like additional help from their MSP in upgrading security.
Cybersecurity as an investment: The SMBs surveyed clearly recognized the disastrous effects of a cyberattack on their company but seemed to agree that they had inadequate security budgets. Security vendor solutions priced beyond their budgets was identified as a key challenge to having effective cybersecurity capabilities. Something has to change, to enable SMBs to take a longer-term view of the value of cybersecurity so that they can invest today to protect their growth tomorrow.
SMBs are adapting to the ‘new normal’ but mobile security is lacking: SMBs are expecting 40% of their employees to continue working remotely for at least some of the time. The highest priority in all countries was to ensure that IT can be managed and supported remotely, validated by additional laptop purchases and increased VPN capacity. However, the survey also shows that the take up rate of even basic security products is low. The most adopted service, endpoint protection, is only used by 67% of respondents and less than half have any form of mobile security.
