Despite increased budgets, small and medium-sized businesses (SMEs) are unprepared for the dangers that come with growth, according to a Check Point survey. This is shown by a current study on the subject of “IT security for small and medium-sized companies”.
Check Point Software Technologies Ltd., a leading global provider of cyber security solutions, has released the results of a new survey by market research firm Analysys Mason on the IT security of small and medium-sized businesses (SMBs). The aim of the study was to find out how SMEs survived the pandemic and how their business and technological needs are changing. The survey found that while SMBs understand that they need to invest in technology to support growth in the hybrid working world, many executives are failing to prioritize IT security.
Cloud, mobile and SaaS technologies
The survey shows that the majority of all companies, including SMBs, have adopted cloud, mobile and SaaS technologies in recent years. As a result, compared to pre-pandemic levels, IT spending has increased, fueling business growth. SMEs have thus accepted to see the hybrid working model as permanent and have increased their investments in communication technologies and services to support remote workers. However, with the use of home and office access points, the attack surface has increased, which increases the risk of cyber attacks. The rise of supply chain attacks, in turn, shows security researchers that cybercriminals are increasingly using the more vulnerable SMBs as an entry point into larger companies. This approach is wreaking havoc on both SMEs and any corporations they interact with.
With a global shortage of IT security professionals, SMBs are now struggling to adequately protect their critical assets, making them a target for hackers. Larger companies tend to have larger IT budgets, making it easier for them to recover from an attack. However, for small and medium-sized businesses, an attack can be devastating. The survey found that among the top impacts on small and medium-sized businesses are lost revenue (28 percent) and loss of customer trust (16 percent).
1.150 SMEs included in the study
The survey of 1150 small and medium-sized businesses in the US, Germany, UK and Singapore also found:
SMEs struggle with a lack of expertise and need support
Less than a quarter (22 percent) of respondents believe they are very well protected against cyber attacks. Only a minority have in-house security specialists or work with a third party. This means that a large number of SMBs either have no security products in use or these products are managed by untrained employees. Although the number of SMBs working with managed service providers (MSPs) to solve IT problems has increased significantly, about a third of respondents said they would like their MSP to provide additional help in improving security.
IT security as an investment
The SMBs surveyed were aware of the disastrous impact of an attack on their business, but agree that their security budgets are inadequate. Security vendors priced beyond their budget have been cited as one of the top challenges for effective protection.
SMEs are adapting to the new circumstances, but mobile security remains inadequate
SMBs expect 40 percent of their employees to work remotely, at least part of the time. The highest priority in all countries was ensuring that IT can be managed and supported remotely, which was confirmed by the purchase of additional laptops and the increase in VPN capacity. However, the survey also shows that adoption of even basic security products is low. The most widely used service, endpoint protection, is only used by 67 percent of respondents. Less than half have some form of mobile security in place.
Eyal Manor, vice president of product management at Check Point Software, reports: “It is reassuring that SMBs have increased their investment in IT security to support business growth and the new hybrid working model, but the right mix of security products is key only part of an effective strategy. With a shortage of cybersecurity staff, SMBs need security solutions that are proven to stop threats, are extremely easy to deploy and manage, and offer the flexibility of an all-in-one solution that combines security and internet connectivity.
Low cost, no need for security experts
SMBs should also look for a consolidated and unified suite that offers a high level of protection for their network, endpoints, mobile devices and email. At the same time, SMB security vendors should adopt a prevention-centric approach that reduces the total cost of ownership (TCO) by reducing the need for additional staff or security experts. SMBs should also consider using third-party managed services providers to gain access to experienced professionals at an affordable cost. Third-party consultants can provide expert advice on the best security solution for each SMB, along with training and ongoing support.”
More at Checkpoint.com
About check point Check Point Software Technologies GmbH (www.checkpoint.com/de) is a leading provider of cybersecurity solutions for public administrations and companies worldwide. The solutions protect customers from cyberattacks with an industry leading detection rate for malware, ransomware and other types of attacks. Check Point offers a multi-level security architecture that protects company information in cloud environments, networks and on mobile devices, as well as the most comprehensive and intuitive “one point of control” security management system. Check Point protects over 100.000 businesses of all sizes.