SMB security spending is rising, but confidence in the ability to avoid breaches remains low, according to a new report from Cyren and Osterman Research, released Monday.
Some 63% of SMB IT managers said they increased security spending in the past year, by an average of 27%, the report found. However, less than half of these IT professionals said they were confident that they can prevent data breaches and protect against threats.
IT managers are most concerned by threats of ransomware (62%), phishing (61%), and data breaches (54%).
IT security budgets grew 17% over the past year—on top of a 21% increase reported last year, the report found. However, 68% of IT managers suffered one or more serious security breaches, with 29% reporting a successful phishing attack, and 18% reporting a successful ransomware attack.
SEE: Information security incident reporting policy (Tech Pro Research)
Respondents generally reported a low number of dedicated IT security staff members available to deal with security issues: Some 52% of organizations surveyed had two or fewer security staff members. For companies with 100-500 employees, that number grew to 80%.
The popularity of cloud-based security is also rising, the report found, as 29% of IT managers expressed a "strong preference" for cloud-based security—up from 21% last year. Meanwhile, 32% of respondents said they preferred on-premises solutions.
In terms of desired capabilities in new security solutions, IT managers ranked security effectiveness the highest (85%), followed by speed of defenses applied to new threats (74%). Trailing behind were reporting, user experience, management ease, and cost.
The report surveyed 109 business IT and security managers from organizations with between 100 and 3,000 employees, across a variety of industries.
"Year over year, we are seeing dramatic increases in SMB spending for cybersecurity, yet little movement in the confidence levels surrounding their purchases," said Michael Osterman, principal analyst at Osterman Research, in a press release. "Exacerbating this disconnect between perceived protection and cost, SMBs have few, if any, IT staff dedicated to cybersecurity. Thus, we see a steady uptick in demand for cloud-based security solutions that rely on the diligence and expertise of the vendor instead of company employees."
Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow.
- 63% of SMB IT managers increased security spending in the past year, by an average of 27%. -Cyren and Osterman Research, 2017
- IT managers are most concerned by threats of ransomware (62%), phishing (61%), and data breaches (54%) -Cyren and Osterman Research, 2017
- 68% of IT managers suffered one or more serious security breaches in the past, with 29% reporting a successful phishing attack, and 18% reporting a successful ransomware attack. -Cyren and Osterman Research, 2017
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Human behaviour touted as key to plugging security gaps (ZDNet)
- How to avoid ransomware attacks: 10 tips (TechRepublic)
- 5 critical IT security questions enterprises need to answer now (TechRepublic)
- Information Security Management Fundamentals (TechRepublic Academy)
Alison DeNisco Rayome has nothing to disclose. She does not hold investments in the technology companies she covers.
Alison DeNisco Rayome is a Senior Editor for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.