FOUR IN 10 SMBs are increasing their cybersecurity spending, and most expect that to continue, according to the Datto SMB Cybersecurity for MSPs Report, which concludes that there’s a variety of security-related areas where MSPs can grow their business as a result.
The study, which surveyed around 3,000 decision makers, reveals that SMBs are taking cybersecurity more seriously. That includes the adoption of security frameworks, with 34% utilizing the CIS framework, followed by CMMC (30%), COBIT (27%), and NIST (22%). In addition, over 50% of respondents have implemented AV and email/spam protection, with network (47%) and cloud security (45%) as the top areas planned for investment in the next year. Further, 37% of respondents run IT security vulnerability assessments three or more times a year, with 62% running them at least twice a year.
SMBs are covering their assets, too. Sixty-nine percent have cyber insurance; 34% of those who don’t say they’re highly likely to get it in the next year.
There’s good reason for the uptick in preparedness. Just under half (47%) believe their companies are likely to recover from a cyberattack or cybersecurity incident, but it would be painful, while 16% of respondents say their organization would be doomed in the event of a successful attack.
And expectations for attacks are high, with 60% of respondents anticipating a ransomware attack in the next 12 months while 72% are expecting a phishing attack.
In the previous 12 months, the average cost of downtime at respondent organizations was $126,000. One-fifth had to reinstall and reconfigure all systems from scratch to get back to work.
Helping SMBs improve their backup and recovery processes is an area of opportunity the report identifies for MSPs, along with email security, security training with phishing simulations, managed SOC, and incident response planning.