The "2021 CISO Survey of Small Cyber Security Teams," survey from Cynet finds that companies with small security teams, generally SMEs, are facing a number of unique challenges, placing these organizations at greater risk than their larger enterprise counterparts. These enhanced risks are moving 100% of these companies to outsource at least some aspects of security threat mitigation in order to safeguard IT assets.
In this survey of 200 CISOs at small and medium size enterprises (SMEs) with five or fewer security staff members and cybersecurity budgets of $US one million or less, it was found that a majority of the organizations were overwhelmed by the endless volley of cyber-attacks. This has been due in large part to SMEs being inundated by many of the same threats facing larger organizations, but lack the financial resources, specialist staff, training and proper tools to consistently remediate threats. According the research results in this survey:
- 63% of these CISOs feel their risk of attack is higher compared to enterprises, despite the fact that enterprises have a larger target on their back.
- 57% of CISOs admitted that their ability to effectively protect their companies is overtly lower than they would like it to be.
- 57% of companies indicated they do not have enough skill and experience to protect against cyberattacks.
- 80% of responding CISOs said they would like to invest in more automated security solutions as these companies look for innovative ways to do more with fewer heads.
- As a result of the aforementioned, 100% of small security teams are outsourcing security mitigation to an external provider with 53% outsourcing to a Managed Detection & Response (MDR) service and the balance outsourcing to an MSSP provider.