SMB security: The evolving role of SaaS and IT outsourcing

SMBs need to bridge the gap between smaller IT security budgets and a shortage of expertise to face the very real and growing threat of cyber attacks, according to Kaspersky Lab.

Percentage of businesses whose IT security budget lies in each range

Over half (54 percent) of SMBs believe that their IT security will be compromised at some point and that preparation is essential, with 40 percent admitting that they lack sufficient insight or intelligence on the threats faced by the business.

In response to new and emerging threats, SMBs are looking to bolster their protection. However, half of SMBs (50 percent) do not expect the budget allocated to hiring additional IT security staff to increase and only 10 percent say it will significantly increase.

For those SMBs without the necessary internal resources or available budgets, Security as a Service (SaaS) could be the answer, with almost half (40 percent) of businesses putting their trust in third parties by outsourcing IT infrastructure and processes.

Those that prioritize cloud security and business process outsourcing (BPO) are considerably happier with the efficiency of security consultancy (62 percent) and MSPs (59 percent). 17 percent have no plans to use an external IT security service provider but almost a quarter (23 percent) see this changing in the next 12 months.

In terms of the threat landscape, the research shows that the loss of internal and confidential data is the main concern for almost half (48 percent) of businesses. This concern is rightly justified when looking at the actual attacks experienced by SMBs, with 41 percent experiencing viruses and malware causing a loss of productivity, more than any other attack vector.

Additionally, over half (55 percent) of SMBs claim to be worried about how trends such as BYOD adoption make managing security more difficult.