TD Synnex Beyond Security: SMB and Midmarket Heavily Targeted by Threat Actors

There’s been an “astounding” increase in cyberattacks targeting the SMB and midmarket segments, and they need partners now more than ever to help them stay secure.

TD Synnex’s Ed Morales

That’s according to Ed Morales, TD Synnex’s global vice president of security and high-growth technologies business development. On Day 2 of TD Synnex Beyond Security 2023, he gave a keynote on the accelerating threat to SMB and midmarket businesses.

“The cost it takes these small firms to recover from a breach is $2.2 million,” he said. “And usually about 60% of these companies that get breached are going to be basically out of business in six months. And the scary thing is half of them don’t even know that they’re that exposed.”

A recent McKinsey report assessed the scope of the market in the SMB and midmarket space. It projected $1.5 trillion to $2 trillion in addressable market.

“So that means there’s obviously a large group of these customers out there that are not really doing anything and their security posture is low,” Morales said. “And what’s important really for the overall segment is if you can go back to some of the the classic [cyberattack] case studies, Danske Bank or Target, the way they were entered was through these smaller entities with whom they were partnered. So they got breached and, in turn, these larger entities got breached. So that’s how a lot of this is a much more broader concern. It’s not just a smaller market segment. It actually has an enterprise implication as well.”

SMB and Midmarket Organizations Not Concerned Enough

SMB and midmarket organizations think they’re not targets because “they think they’re too small,” Morales said.

“They’re a small entity, but they’re the prime targets because they’re the entry point,” he said. “Now, everything is so digitally connected. They’re the entry point to something else.”

The cybersecurity skills shortage also is playing a role in SMB and midmarket businesses coming up short when it comes to cybersecurity, Morales said.

“They can’t afford to have these sort of resources and on staff,” he said. “It takes a lot of time and effort to do risk assessments. So they don’t just don’t have the infrastructure to be able to support that. So that’s part of it.”

It may also be something as simple as turning on basic features like multifactor authentication (MFA), Morales said.

“With one of our larger hyperscalers, there’s been a large breach of their customer base based on them turning off MFA in their environments,” he said. “So there’s some rudimentary things that can take place, but it’s just they don’t believe they’re a target. And I think that’s the vulnerability. They just think it’s going to happen to somebody else.”

Scroll through out slideshow for more from Day 2 of TD Synnex Beyond Security.