A mix of technology and security awareness training is key to protecting SMBs against a rising threat.

Carbonite Guest Blogger

October 29, 2019

3 Min Read
security lock symbol on computer circuit board
Getty Images

It’s crucial for MSPs to know how to talk to today’s growing businesses about cybersecurity–and there’s plenty of recent data that says small and midsize businesses are ready to hear the message.

SMBs are currently focused on bolstering their cybersecurity efforts, with 89% of SMBs identifying cybersecurity as one of their top priorities and 79% planning to invest more in cybersecurity within the next year, according to a report published by Vanson Bourne and commissioned by Continuum Managed Services. This increased level of cybersecurity awareness among SMBs is triggered by the incessant onslaught of cyberattacks directed at them–coupled with a whopping 59% increase in such attacks.

Cybersecurity has turned from a situation where SMBs were once complacent about IT security to becoming critical to business survival and success.

The Evidence Is in the Numbers

As cybersecurity woes for SMBs continue to escalate, here’s some data on SMB data breaches and cyberattacks that are key drivers behind cybersecurity becoming top of mind for SMBs:

  • 67% of SMBs experienced a cyberattack, and 58% experienced a data breach in 2018, according to a Ponemon Institute report.

  • 43% of attacks still target small businesses, and 56% of breaches takes months or longer to discover, according to the 2019 Verizon Data Breach Investigations Report.

  • 71% of ransomware attacks are aimed at small businesses, according to a report from the Beazley group.

  • Small businesses in the United Kingdom suffer almost 10,000 attacks per day, according to latest Federation of Small Businesses research.

But what makes SMBs vulnerable to cyberattacks?

In our estimation, the two driving factors are limited IT staff and/or expertise and SMBs being less likely to conduct regular employee IT security training.

As cybercrooks continue to unleash attacks on SMBs, Forrester predicts businesses will invest more in security services such as MSSPs this year. A dearth of security talent has firms exploring the security services route, and businesses with midrange security budget also employ security services to bolster their security posture and respond to ongoing threats, according to Forrester.

As cyber threats continue to proliferate, talk to your clients about the need for embracing a layered defense approach, which has become imperative for SMB cybersecurity success.

Why You Need Defense-in-Depth

Given that there are no silver bullets for cybersecurity, adopting a defense-in-depth strategy is one of the best approaches for SMBs to adopt.

Defense-in-depth is a comprehensive approach to cybersecurity in which multiple layers of security controls are placed throughout a system. The idea behind the defense-in-depth approach is to defend a system against any attack using several independent methods. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited.

When talking to clients about implementing an effective defense-in-depth strategy, focus on key components, such as the need for an effective data backup strategy, IT security planning, investing in security technologies and implementing security awareness training.

Building a comprehensive data protection strategy is the key to success, and investing in both anti-virus and backup technology is an integral component. While anti-virus is your first layer of defense against cyberattacks, a reliable cloud backup and restore solution will ensure business continuity if an attack does occur.

But, given today’s sophisticated threat landscape, explain to your clients why investing in advanced endpoint security (for securing corporate networks) and predictive threat intelligence (to gain a better visibility on their security posture) has also become imperative.

However, keep in mind that focusing on technology alone to address cybersecurity challenges isn’t enough. Such investments won’t be fruitful unless you take proactive steps to keep your staff up to date on the latest threat vectors.

As the need for better cybersecurity will only grow, Carbonite and Webroot are coming together to provide our customers with the ability to fight cybercrime and protect our users from the loss of business-critical data.

This guest blog is part of a Channel Futures sponsorship.

Read more about:

MSPsVARs/SIs
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like