As the number of cyberattacks continues to rise and may jump even higher with the new Senate bill passed Tuesday, small-to-medium businesses (SMBs) should be on higher alert of potential cyberattacks. Coro has released a report forecasting the biggest cybersecurity threats businesses will face in 2022, with SMBs being singled out as potential targets due to system vulnerabilities. This potential for loss of revenue and data signals that SMBs’ defenses need a shift in their focus.
Rate of attacks, by the numbers
Coro’s findings state that in the past two years, attacks against these SMBs have increased at a rate of 150%. But despite the growing number of attacks against these mid-sized enterprises, organizations’ defenses have not kept up with the complexity or number of attacks over the two-year span. These developing companies are now faced with a frequency of attacks now on par with large enterprises, but typically do not have the layers of security to withstand the barrage of attacks.
The definitions and capabilities in phishing, malware and ransomware attacks expanded mightily during the pandemic, and with industries needing an online presence now more than ever, the volume of attacks have grown as a result. This digital transformation for SMBs created a paradigm shift towards remote work as well as the need for the cloud to keep enterprises and their employees ever connected to one another. This move towards cloud-based activities and remote work leveraged readily available malicious code, and the computing power available to scale and automate cyberattacks has unleashed an unprecedented number of attack routes.
SEE: Google Chrome: Security and UI tips you need to know (TechRepublic Premium)
On average, Coro found that SMBs faced roughly 6,300 attacks per day over the course of 2019, according to the study. A year later, that number rose to 17,500 and by the end of 2021 the average was 31,000 for the year. If this increase continues at its current pace, SMBs will face between 56,000 and 86,000 attacks in 2022 alone. The specific industries seeing the highest increase in rate of attacks from 2020 to the end of 2021, fell into the areas of:
- Transportation (195% increase)
- Healthcare (178%)
- Retail (149%)
- Manufacturing (131%)
- Professional services (119%)
- Education (97%)
So what can mid-sized companies do?
When it comes to cybersecurity for SMBs, the amount of work needed to be done in a point solution approach is not feasible from a monetary standpoint. To secure themselves, these businesses would need to sink money into research, purchase the needed solution, deploy and configure it to the company’s needs. By that stage, it may cost more to protect the organization’s data than the enterprise brings in.
SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)
One possible solution is a move towards a platform approach, according to Coro. By coordinating the enterprise’s needs with a single vendor, they can provide an all-in-one solution to help defend cloud applications, emails and endpoints to help deter attacks from malware and ransomware. A comprehensive platform approach would allow for the simplification of security operations, shift the burden of protecting company data to the security provider instead of the company themselves and decrease the intricacy of the technology stack while allowing for the expansion of protections.
To help avoid the growing pains of an SMB and its cybersecurity, the platform approach may be a viable alternative if it can be deployed sooner rather than later. As the number of cyberattacks are anticipated to increase in the coming years, the platform approach may save mid-size businesses a number of safety headaches in the future, not to mention mitigate a potential loss of revenue.
