Cybersecurity Gains Respect from U.S. SMBs

SMB security is a big opportunity for channel partners and managed security service providers (MSSPs). A recent cyber threat and SMB report cites that 79% of companies not currently outsourcing IT security plan on doing so in 2017.

Lynn Haber

August 1, 2017

3 Min Read
Cloud Security

No business is exempt from cybersecurity threats, and companies of are getting the message — even small and medium-size businesses (SMBs), according to a global study of IT decision makers (ITDMs) by cybersecurity firm Webroot and Wakefield Research.

In fact, nearly all (96 percent) of SMBs believe they’re susceptible to an external security threat this year, the study revealed. That figure was 98 percent for U.S.-based survey respondents who represented one-third of overall ITDMs. External security threats included new forms of malware infections, mobile attacks, phishing attacks, DDoS attacks and ransomware attacks.

Top external threats that ITDMs in the U.S. worry about this year: new forms of malware infections and phishing attacks, 49 percent each, followed by DDoS attacks (41 percent), mobile attacks (40 percent), and ransomware (31 percent).

And, according to Webroot, 71 percent of all businesses surveyed admit to not being completely prepared to manage IT security and protect against threats — that figure increases to 80 percent for U.S. SMBs. Research results indicate that only 21 percent of ITDMs at U.S.-based SMBs consider themselves “completely ready” to manage IT security and protect against threats, while 47 percent say they’re “almost ready,” 26 percent “somewhat ready,” 7 percent “far from ready” and 1 percent “will never be ready.”

The Webroot report surveyed 600 ITDMs at SMBs with 100-499 employees in three countries: U.S., U.K. and Australia, with 200 participants from each geography.

Taking a deeper dive into how U.S. ITDMs think about security management, one in three (33 percent) reports relying on a mix of in-house and outsourced IT security support, 22 percent have a dedicated in-house security team, 24 percent rely on in-house employees who attend to security while also handling other IT responsibilities, 13 percent turn exclusively to a third-party managed service provider (MSP), and 10 percent rely on their non-IT employees to handle security along with other responsibilities.

For those companies that rely on staff to address and/or eliminate any security issues, almost half (47 percent) are very confident they’d be successful, another 42 percent are somewhat confident of success, and 12 percent are not confident.

Looking more closely at U.S. SMBs that don’t outsource any IT security, nearly four in five (79 percent) said they’re very likely or somewhat likely (37 percent and 42 percent, respectively) to use a third-party cybersecurity provider in 2017. Another 21 percent are not likely to use outside resources.

It comes as no surprise then that more than half (52 percent) of U.S. ISDMs strongly agree that outsourcing IT solutions would protect their businesses against threats and increase bandwidth to address other areas of the business, and another 37 percent agree somewhat. On the other hand, 12 percent disagree that outsourcing security would help their businesses.

The cost of a security breach can be staggering for any company, including SMBs. U.S. survey respondents estimate that the average cost of losing customer records or critical business data is nearly $580,000, with 39 percent estimating even higher costs of $500,000-$1 million (17 percent) and $1 million and more (22 percent), with 22 percent estimating damages at less than $100,000.

Dollar damages aren’t the only thing ITDMs think about when it comes to a security attack; they also worry about …

… company image, and employee trust and moral. Survey respondents in the U.S. think it would be more difficult to restore a company’s public image (63 percent) than employee trust and morale (38 percent).

U.S. ITDMs are overwhelmingly confident (87 percent) compared to not confident (13 percent), that company employees are educated on how a cybersecurity breach could impact them and the company.

So, what are they spending?

With cybersecurity being a moving target, 94 percent of U.S. ITDMs report that they expect to increase security budgets in 2017. The numbers vary: Sixty-three percent of respondents plan to increase the security budget by 1-19 percent, 27 percent will increase the budget by 20-49 percent, and 4 percent expect to prop up their security budgets by 50-100 percent. One in 25 (4 percent) SMBs budgets will remain flat and 3 percent of ITDMs are decreasing their security spending.

Read more about:


About the Author(s)

Lynn Haber

Content Director Lynn Haber follows channel news from partners, vendors, distributors and industry watchers. If I miss some coverage, don’t hesitate to email me and pass it along. Always up for chatting with partners. Say hi if you see me at a conference!

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like