The stampede from offices to working from home has strained IT security teams to their limits. As a result, SMBs find they need to get more bang for fewer bucks to fight off cybersecurity threats.
Network security firm Untangle on Sept. 8 released the results of its third annual SMB IT Security Report. Polling more than 500 SMBs, the report explores major barriers for managing IT security. The results reflect the growing challenges the pandemic caused in forcing massive shifts to remote work.
Nearly half of IT pros have altered their security plans as a result of large-scale breaches reported in the media. The report shows that IT teams, in addition to protecting their organizations from increasing cyberattack risks, must also contend with the unintended consequences of the coronavirus pandemic.
The survey revealed that as businesses consider more permanent plans for their employees, 56 percent will continue to have some employees work from home permanently. Another finding shows 38 percent of SMBs allocate US$1,000 or less annually to their IT budget.
SMBs are proactively putting tools in place to combat attacks. They are able to limit their vulnerabilities even though they continue grappling with limited security budgets and resource constraints.
However, dealing with these challenges during a cross-industry WFH shift has created gaping vulnerabilities within their networks. This adds another challenge to already overburdened IT departments.
“As the abnormal becomes our new normal, SMBs need to approach remote work by using a combination of cloud-based applications and on-premises solutions to keep employees and systems safe, and ensure business continuity,” said Scott Devens, CEO at Untangle.
SMBs should be looking for technologies that incorporate multilayered network security tools and hybrid network infrastructure, such as SD-WAN, to avoid large-scale network vulnerabilities, regardless of budget and resource size, he suggested.
This survey revealed a critical takeaway about the changing cybersecurity climate the pandemic thrust upon SMBs, warned Joseph Carson, chief security scientist and advisory CISO at Thycotic.
“The report is clear that SMBs do become victims of cyberattacks and that it is better to invest upfront rather than try to survive in a post cybersecurity incident,”.
If SMBs stick to their tight budgeting restrictions for their IT departments, they could find that some of the $1,000 ceilings they put in place can be eaten up for cyber insurance.
Cowbell Cyber’s recent survey revealed that 65 percent of SMBs will spend more on cyber insurance in the next two years, according to Isabelle Dumont, the company’s vice president of market engagement.
“Subscribing to a standalone cyber policy is always a great step for SMBs to get financial protection against a wide range of cyber incidents and gain access to expert security resources when an incident actually occurs,”.
A growing number of SMBs continue to do more with less, according to the report. This year’s 38 percent budget adjustment noted above compares to 29 percent last year and 27 percent in 2018. Further, 78 percent of SMB employees are temporarily working remotely with an anticipated 56 percent suggesting some positions will be permanently remote moving forward.
Nearly half (48 percent) of the surveyed organizations operate in more than two locations, making SD-WAN an ideal infrastructure. SD-WAN allows small businesses who are operating in multiple physical locations and using bandwidth-intensive applications, such as voice over IP tools (VoIP), Zoom, or Salesforce, to take advantage of this technology.
Doing so allows SMBs to increase branch office network security. It also lets them increase Internet efficiency and decrease IT spending.
For nearly one-third (32 percent) of the responding SMBs, budget restrictions are their greatest barrier. That result is the same as last year.
Nearly one-quarter (24 percent) said their biggest challenge is employees who do not follow IT security guidelines. Limited time to research and understand emerging threats was the biggest cybersecurity protection barrier for only 13 percent of SMBs responding to the survey.
Fight More Threats, Spend Less Money
IT departments, even with limited resources, can implement foundational strategies to address network security issues and lay the groundwork for future investments, noted Untangle in citing some of the significant findings. The survey revealed effective strategies SMBs employ with their limited budgets.
For example, SMBs rank firewalls (82 percent), antivirus protection (57 percent), endpoint security (48 percent), archiving management and backup and VPN technologies, (47percent), and Web filtering (40 percent) as their most important features when considering which IT security solutions to purchase.
A majority of SMBs find economical solutions in the cloud. For instance, SMBs have adopted a hybrid on-premises/cloud-based IT infrastructure for business applications. A solid majority (71 percent) have their firewall on-site rather than in the cloud.
Nearly half (45 percent) of SMBs said they have adjusted or reevaluated their IT security roadmap based on recent security breaches and ransomware attacks. Of those SMBs surveyed who experienced a data breach within the last 12 months, 15 percent were able to stop the attack or any unauthorized access before sensitive data was extracted.