The Covid-19 pandemic has revamped the digitization initiatives in organizations to increase productivity, streamline processes and support a hybrid work environment. Many organizations shifted their workloads from private to public cloud, and in some cases set up a multicloud architecture. According to Gartner, spending on public cloud services worldwide will grow 20.7% to a total of $591.8 billion by 2023.
Many small and medium-sized businesses (SMBs) around the world are finding their way forward in the “new normal.” Strong IT security is becoming even more vital now that SMBs rely more on remote workers and cloud-based solutions. The attack surface is now larger than ever, and the volume and variety of threats are unprecedented. SMBs need to be proactive when it comes to IT security.
According to a survey by ESET, 83% of SMBs see cyber warfare as a real threat that can affect anyone.
Top cybersecurity concerns for SMBs in the coming 12 months
SMBs are facing many cyber risks. However, they lack the confidence to handle them all. As per the survey, 70% SMBs are concerned about viruses and malware, followed by web-based attacks (67%), ransomware (65%), third-party issues (64%), DDoS attacks (60%), and remote desktop protocol attacks (60%).
There are various factors fuelling cybersecurity concerns among SMBs. Lack of employee cyber awareness (43%) is the most important reason for SMB cybersecurity challenges. 34% say that vulnerabilities in the partner/supplier ecosystem are putting them under cyber risk.
74% of SMBs believe that they are more vulnerable to cyberattacks than enterprises. They view the loss of data as the highest risk following a cyberattack. Financial loss, loss of customer trust, operational disruption, and loss of reputation are all factors that push SMBs to take up cybersecurity seriously.
What steps are SMBs taking to improve cybersecurity?
Even though SMBs struggle with budget constraints and a lack of employee cyber awareness, they are taking measures like conducting audits and purchasing new cybersecurity tools to ensure the protection of their data from cyber attackers.
According to the survey, like enterprises, SMBs are showing an increased interest in detection and response tools. 32% SMBs are currently using Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), and Managed Detection and Response (MDR) tools. 33% of SMBs are planning to use EDR/XDR/MDR tools in the next 12 years. These tools will enable SMBs to know the root cause of attacks which in turn will help them address the cyber threats and prevent future attacks.
Despite taking security measures, the overall confidence of SMBs in cyber resilience is low. Only 48% are moderately or very confident in their cyber resilience while others are not. Low levels of confidence can be attributed to a lack of sufficient knowledge and less access to third-party experts.
SMBs have become an attractive target for cybercriminals because they are easier to penetrate than large enterprises. Small businesses often do not have a dedicated IT team for cyber security, and their employees receive inadequate training in cyber security. To protect themselves from cyber threats, small businesses need to invest in cyber protection solutions.
Because data breaches can have very serious and even catastrophic consequences, all small and medium businesses should take certain basic steps to protect their data. SMBs can consider partnering with managed security service providers (MSSPs) to make their defence against cyber threats stronger. This is cost-effective and enables companies to monitor real-time network traffic with the help of IT security specialists. MSSPs are easily accessible to organizations of all sizes. They offer affordable, dependable, and efficient security solutions to organizations to safeguard their corporate internet assets, password files, confidential emails, and networks.
Cyber threats are constantly evolving, and so must the defences against them. For this reason, it is important for SMBs to implement adequate measures to improve their confidence in cyber resilience and keep their data safe.
Read next: 13% of SMBs in US do not have basic IT security measures, finds survey