SMALL AND MEDIUM BUSINESSES face the same cyberthreats as large enterprises but have fewer resources to shore up their defenses or recover from a breach. Indeed, 40 percent of midmarket companies experienced eight hours or more of system downtime due to a severe security breach, similar to what large enterprises reported, according to a special cybersecurity report from Cisco that breaks out SMB data from the vendor’s 2018 Security Capabilities Benchmark Study.
In contrast, though, only 49 percent of midmarket businesses review security practices regularly vs. 57 percent of their larger brethren. Similarly, just 48 percent of midsize firms have tools in place to review security capabilities (vs. 54 percent of large enterprises), and only 49 percent routinely investigate security incidents (vs. 55 percent).
SMBs are more concerned than large enterprises about ransomware, however, citing it as one of their top three security issues. Moreover, they are more inclined to pay the ransom to restore operations, according to Cisco. Targeted attacks against employees (via phishing) along with advanced persistent threats round out the top three security worries for SMBs. Mobile security is a challenge too, according to 56 percent of midmarket respondents.
SMBs do want to address cybersecurity, the research finds, with 19 percent saying that if staffing was available they’d upgrade their endpoint security to more sophisticated advanced malware protection/endpoint detection and response solutions. In addition, 18 percent say they’d consider better web application security against web attacks if they had more people, and 17 percent would deploy intrusion prevention.
And here’s what channel pros should especially take note of: Better than half of midmarket companies turn to outside security help. SMBs rely on outsourced partners to provide advice and consulting services (57 percent), incident response (54 percent), and security monitoring (51 percent).