Most SMBs plan to outsource IT security this year

96 percent of small- to medium-sized businesses (SMBs) in the US, UK, and Australia believe their organizations will be susceptible to external cybersecurity threats in 2017. And although businesses recognize the growing threats, 71 percent still admit not being ready to address them, the results of a recent Webroot survey have revealed.

SMB IT security

And although businesses recognize the growing threats, 71 percent still admit not being ready to address them, the results of a recent Webroot survey have revealed.

Key global findings:

  • IT decision makers (ITDMs) at SMBs are most worried about new forms of malware infections (56 percent), mobile attacks (48 percent), and phishing attacks (47 percent).
  • Nearly two-thirds of ITDMs believe it would be more difficult to restore their company’s public image than to restore employee trust and morale.
  • ITDMs estimate a cyberattack in which their customer records or critical business data were lost would cost an average of $579,099 in the US, £737,677 in the UK, and AU$1,893,363 in Australia.
  • Addressing the growing threat, 94 percent of ITDMs plan to increase their annual IT security budget in 2017, compared to 2016.
  • Businesses currently manage IT security in various ways. One-fifth of businesses have in-house employees whose responsibilities include IT security. 37 percent use a mix of in-house and outsourced IT security support, while only 23 percent have a dedicated in-house IT security professional or team.
  • 90 percent of ITDMs believe outsourcing IT solutions would protect their organizations against threats and increase their bandwidth to address other areas of their business.
  • The current cybersecurity landscape and lack of preparedness of small- to medium-sized businesses represent a big opportunity for managed security providers (MSPs). Among businesses who do not currently outsource IT security support, 80 percent will likely use a third-party cybersecurity provider in 2017.

“This study illustrates the general lack of preparedness for security around the globe. SMBs face just as many threats as larger ones, but are often at a disadvantage because of their lack of resources,” says Charlie Tomeo, Vice President of Worldwide Business Sales, Webroot,

“Given the recent spate of ransomware attacks, it is crucial for these companies to shore up their security and lean on the expertise of an MSP for a solution to combat threats from multiple vectors.”

Advice for SMBs

CROSS THOSE Ts: Being prepared is crucial. Create a plan of action to respond to any type of breach that includes outside resources, like an MSP, who you can call for assistance.

EMPLOYEE EDUCATION: Workers may not know how to avoid phishing and other types of attacks. Investing in regular security training is a great way to prevent attacks.

DON’T FORGET MOBILE: Employees’ mobile devices are doorways into business networks, and can leave them vulnerable to unseen risks. Reliable mobile security is essential to protect from malicious applications.

SPEND WISELY: Look to allocate any additional budget you may have where risks are highest. If you’re unsure, ask a security expert or your MSP where your vulnerabilities lie.

UPDATE SOFTWARE: Keep business devices up-to-date with the latest software and security patches.

BEWARE OF RANSOMWARE: The U.S. is consistently one of the most phished nations, and phishing can lead to ransomware. Create a layered defense by implementing strong backup and business continuity plans.


Subscribe to the Help Net Security breaking news e-mail alerts:


Don't miss