SMBs increasingly have to ‘do more with less’ when it comes to cybersecurity

Most Countries without Cybersecurity Strategy

September 8, 2020

Untangle, Inc. released the results of its third annual SMB IT Security Report. Polling more than 500 SMBs, the report explores major barriers for managing IT security, particularly in the face of the unique challenges brought on by COVID-19 and its resulting shift to remote work.

SMBs are proactively putting tools in place to combat attacks and limit their vulnerabilities even though they continue grappling with limited security budgets and resource constraints. However, dealing with these challenges during a work-from-home shift has created gaping vulnerabilities within an organization’s networks and adds another challenge to an already overburdened IT department.

The survey finds that, year-over-year, a growing number of SMBs are continuing to do more with less, with 38 percent of SMBs allocating $1,000 or less to their IT security budget, in comparison to 29 percent in 2019 and 27 percent in 2018. Further, 78 percent of SMB employees are temporarily working remotely with an anticipated 56 percent suggesting some positions will be permanently remote moving forward.

“As the abnormal becomes our new normal, SMBs need to approach remote work by using a combination of cloud-based applications and on-premises solutions to keep employees and systems safe, and ensure business continuity,” said Scott Devens, CEO at Untangle. “SMBs should be looking for technologies that incorporate multi-layered network security tools and a hybrid network infrastructure, such as SD-WAN, to avoid large-scale network vulnerabilities, regardless of budget and resource size.”

Of the organizations surveyed, 48 percent operate in more than two locations, making SD-WAN an ideal infrastructure. SD-WAN allows small businesses who are operating in multiple physical locations and using bandwidth intensive applications, such as Voice over IP tools, Zoom, or Salesforce, to take advantage of this technology. SMBs are able to increase branch office network security, increase Internet efficiency, and decrease IT spending.

Additional key findings from the survey include:

Consistent with previous report findings, 32% identify budget as their greatest barrier, followed by employees who do not follow IT security guidelines (24%) and limited time to research and understand emerging threats (13%)
SMBs rank firewalls (82%), antivirus protection (57%), endpoint security (48%), archiving management and backup and VPN technologies, (47%), and Web filtering (40%) as the most important features when considering which IT security solutions to purchase.
While SMBs have adopted a hybrid on-premises/cloud-based IT infrastructure for business applications, with a small percentage increase of cloud deployments compared to last year, most SMB’s (71%) have their firewall on site rather than in the cloud.
45%, indicated that they have adjusted or reevaluated their IT security roadmap based on recent security breaches and ransomware attacks.
Of those SMBs surveyed and who experienced a data breach within the last 12 months, 15% were able to stop the attack or any unauthorized access before sensitive data was extracted.

Download a free copy of the report here.

With the advent of Internet of Things (IoT) technology and Industrial Internet of Things (IIoT), the cyber security practices are increasingly getting integrated with the physical security practices.

We will provide insight on NDAA Section 889 and how the act has evolved and impacted business, so that organizations can better mitigate risk and stay compliant.