Small and midsized businesses (SMBs) are threatened by cybersecurity risks just as are larger organizations. But SMBs can face different types of barriers when it comes to maintaining and strengthening their security defenses. A new report from network software company Untangle examines some of the security challenges faced by SMBs and includes advice on how to build an effective security posture.
SEE: Cybersecurity: SMBs are keeping up with big companies, according to Cisco survey (TechRepublic)
Based on a survey of more than 500 SMBs, Untangle’s third annual SMB IT Security Report found that budget constraints were the greatest barrier to cybersecurity, cited by 32% of the respondents. Though security is considered a crucial aspect of business operations, the trick lies in using the right tools and tactics to prevent cyberattacks without adding more to the bottom line and overspending already limited budgets.
Increasingly, SMBs are being tasked to do more with less. For 2020, 39% of those surveyed have allocated just $1,000 or less to their IT security budget, compared with 29% in 2019 and 27% in 2018. Some 26% have between $1,000 and $5,000 for their budget, while just 15% have allocated more than $10,000.
To get past budget limitations, one strategy adopted by a majority of respondents is to have a single employee handle multiple responsibilities. This can help SMBs keep their workforce lean and meet revenue goals. Of course, the downside is that an employee juggling too many tasks can more easily drop the ball on any one of them.
A second security challenge faced by SMBs are employees who don’t follow the proper security guidelines. Cited by 24% of those surveyed, this factor has become more problematic due to the shift to a remote workforce in light of the coronavirus pandemic and quarantine.
While some types of workers have already been familiar with the requirements of working remotely, others have been challenged by the situation. Further, many employees are using VPNs for the first time, which opens the door to misconfigurations, unauthorized network access, and other risks.
Another security obstacle among SMBs is a lack of time needed to research new and emerging security threats, cited by 14% of the respondents. Two more challenges identified in the survey were a lack of personnel to manage cybersecurity and a limited knowledge of security solutions.
In the face of challenges, SMBs are paying more attention to the risk of cyberattack. Some 42% of the respondents said that news about recent data breaches prompted them to review and reevaluate their security posture. As a result, many have adopted a more preventative strategy to stop cyber threats before they hit their organization.
A majority of those surveyed said they’re actively using firewalls and antivirus protection, endpoint security, and VPN technology as the pillars of their security defense. Looking at the most important features in their overall security posture, 82% of the SMBs pointed to firewalls, 57% cited antivirus protection, 48% identified endpoint security, 47% mentioned VPN technologies, and 40% pointed to web filtering.
The renewed focus on prevention has helped reduce the number of data breaches seen by SMBs this year. For 2020, 77% of the respondents said they were able to avoid being hit by a breach within the last 12 months. That contrasts with 57% in 2019 and 58% in 2018 who expressed the same results. Among those SMBs who did experience a breach in the last 12 months, 15% said they were able to block it before any sensitive data was compromised.