Cybersecurity Tops List of SMB Priorities as Attacks Continue
It’s crucial for MSPs to know how to talk to today’s growing businesses about cybersecurity–and there’s plenty of recent data that says small and midsize businesses are ready to hear the message.
SMBs are currently focused on bolstering their cybersecurity efforts, with 89% of SMBs identifying cybersecurity as one of their top priorities and 79% planning to invest more in cybersecurity within the next year, according to a report published by Vanson Bourne and commissioned by Continuum Managed Services. This increased level of cybersecurity awareness among SMBs is triggered by the incessant onslaught of cyberattacks directed at them–coupled with a whopping 59% increase in such attacks.
Cybersecurity has turned from a situation where SMBs were once complacent about IT security to becoming critical to business survival and success.
The Evidence Is in the Numbers
As cybersecurity woes for SMBs continue to escalate, here’s some data on SMB data breaches and cyberattacks that are key drivers behind cybersecurity becoming top of mind for SMBs:
- 67% of SMBs experienced a cyberattack, and 58% experienced a data breach in 2018, according to a Ponemon Institute report.
- 43% of attacks still target small businesses, and 56% of breaches takes months or longer to discover, according to the 2019 Verizon Data Breach Investigations Report.
- 71% of ransomware attacks are aimed at small businesses, according to a report from the Beazley group.
- Small businesses in the United Kingdom suffer almost 10,000 attacks per day, according to latest Federation of Small Businesses research.
But what makes SMBs vulnerable to cyberattacks?
In our estimation, the two driving factors are limited IT staff and/or expertise and SMBs being less likely to conduct regular employee IT security training.
As cybercrooks continue to unleash attacks on SMBs, Forrester predicts businesses will invest more in security services such as MSSPs this year. A dearth of security talent has firms exploring the security services route, and businesses with midrange security budget also employ security services to bolster their security posture and respond to ongoing threats, according to Forrester.
As cyber threats continue to proliferate, talk to your clients about the need for embracing a layered defense approach, which has become imperative for SMB cybersecurity success.
Why You Need Defense-in-Depth
Given that there are no silver bullets for cybersecurity, adopting a defense-in-depth strategy is one of the best approaches for SMBs to adopt.
Defense-in-depth is a comprehensive approach to cybersecurity in which multiple layers of security controls are placed throughout a system. The idea behind the defense-in-depth approach is to defend a system against any attack using several independent methods. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited.
When talking to clients about implementing an effective defense-in-depth strategy, focus on