SMBs Face Serious Security Budget, Workforce Limitations
Despite increasing cyberthreats, SMBs are expected to do more with less when it comes to IT security implementation, and many have less to spend this year than last year.
That’s according to Untangle‘s second-annual SMB IT Security Report, which examines the current state and trends of IT security of more than 300 SMBs globally, compiling data on budget and resource constraints, breaches, IT infrastructure, cloud adoption and more.
Heather Paunet, Untangle‘s vice president of product management, tells us SMBs are more vulnerable due to the fact that they don’t have dedicated IT staff that know about and can implement the right solutions to protect them.
“SMBs also remain targets because hackers know that they are less likely to have strong enough network security in place than larger enterprise companies,” she said.
This year, nearly one-half (48%) of SMBs said they had less than $5,000 budgeted to spend on IT security, versus 54% last year, Paunet said. Also, 52% said they do not have an in-house IT security professional on staff and therefore distribute the responsibility across other roles.
“I would have expected the budget to go up as SMBs are becoming more aware of the cybersecurity risks they face,” she said. “Eighty percent of SMBs are now ranking IT security as a priority and 56% … answered a definitive ‘yes’ that recent security breaches are affecting the way they think of their security road map. This shows that SMBs are taking security seriously and that they know that IT security is a fundamental aspect of business continuity that they need to plan for.”
Other key findings include:
- Forty percent of SMBs operate in at least five physical locations, including remote access workers.
- Most SMBs have up to 75% of their IT infrastructure deployed on the cloud.
- A majority of respondents described their IT infrastructure deployment as cloud-based (public or private).
MSPs have an opportunity to provide services for customers without having to go on-site to maintain them, Paunet said.
“Not all MSPs are experts in cloud technologies,” she said. “MSPs that are experts, or are willing to learn, have the opportunity to provide services for a customer that are easier to implement with no onsite servers being required with easy monthly ‘as a service’ predictable costs.”
MSPs also can help SMBs that are geographically dispersed, Paunet said.
“A challenge here for MSPs is that they need to manage physical locations that are not always in the area where the MSP lives,” she said. “MSPs need to be able to maintain and manage offices that they cannot easily get to. MSPs can be ahead of this industry trend where companies are split over more offices by using new technologies that are available, such as software-defined networking.
“Despite several limitations including budgets, time and workforce constraints, SMBs are now, more than ever, reassessing their investments into IT security,” said Timur Kovalev, Untangle’s CTO. “While key security features such as firewalls and network security will remain must-haves for SMB security, cloud-based services and distributed workforces have opened up the need for SD-WAN to establish secure connections between employee locations separated by distance, offering network-wide control and visibility for incoming threats or attacks.”