Do small to midsize businesses (SMBs) have the resources they need to protect themselves against cyberattacks? A recent study conducted by Wakefield Research suggests they do not. Just 37 percent of IT decision makers surveyed believe their organizations are completely ready to manage IT security and protect against threats. That’s because in-house IT staff are expected to handle all cybersecurity management and concerns, and in today’s threat environment that’s simply not enough.
According to the survey, IT staff at 32 percent of companies juggle security along with their other IT responsibilities. This leaves employees stretched too thin and unable to devote the necessary time to many critical cybersecurity tasks. Instead of taking a more proactive approach to cybersecurity, these companies are often left on the defensive — not an optimal scenario in today’s world of zero-day attacks, phishing scams, social engineering attempts and malicious websites.
Defending a company from cyberattacks is inherently challenging, and made even more so by budgetary constraints. The vast majority of SMBs do not have security budgets remotely comparable to those of large enterprises. In fact, nearly 60 percent of survey respondents think their businesses are more prone to cyberattacks because they have too few resources for maintaining their defenses.
IT decision-makers can point to specific areas in which they feel underprepared. According to the survey, 48 percent think their company is vulnerable to insider threats, such as employees who deliberately or unintentionally cause cyberattacks. In addition, 45 percent believe that unsecured internal and external networks, such as public Wi-Fi, put them at risk, and 40 percent are concerned about unsecured endpoints, such as laptops and mobile devices.
All of these potential risks should be cause for concern — within the past few years, hackers have exploited them to execute a number of high-profile breaches. Organizations that continue to rely on traditional firewalls and antivirus tools are especially at risk of attack.
Overall, 81 percent of respondents plan to increase their 2016 IT security budgets by an average of 22 percent. Respondents are also very open to other strategies for improving security, with an overwhelming 81 percent in agreement that outsourcing IT functions, including cybersecurity, would increase their ability to address other areas of their business.
A managed services provider (MSP) can help these organizations achieve a stronger security posture by monitoring systems and networks and proactively managing and maintaining security tools. Before outsourcing cybersecurity, SMBs should perform due diligence in identifying an MSP that has the skills and experience to provide security services as well as remote monitoring and management tools.
Atlantic-IT.net, your outsourced IT department, can manage your entire technology environment, including your security infrastructure. Let us help you identify any vulnerabilities and implement and maintain a more robust security infrastructure.