skip to main content

The Evolving Cybersecurity Threat for SMBs

Video Length - 05:20

Organizations of all sizes are transforming to better serve their customers in a digital economy. For most this involves distributing applications to public clouds to increase agility and leveraging data more effectively to provide a differentiated experience. In this video brief, we discuss how this has also created higher levels of IT complexity and expanded the attack surface, placing these organizations at risk for cyberattacks.


Video Transcription



Bob Laliberte (Senior Analyst at the Enterprise Strategy Group):

Hello. I'm Bob Laliberte, senior analyst with the Enterprise Strategy Group.

Bob Laliberte is in the middle of the screen speaking directly to the camera.

Organizations of all sizes, are transforming to better serve their customers in the digital economy. For most, this involves distributing applications to public clouds to increase agility and leveraging data more effectively to provide a differentiated experience. Indeed, public Cloud Services have leveled the playing field for the mid market by providing access to enterprise grade solutions on a pay as you go basis, enabling these organizations to compete against larger companies.

A montage or various clips of back-end servers being worked on, office building and then someone working on a desk. All of these clips have overlay text of the dialogue being spoken.

Unfortunately, this has also created higher levels of IT complexity and expanded the attack surface. Placing these organizations at risk for cyber attacks.

Bob Laliberte reappears in the middle of the screen.

For small and mid market businesses this risk is even higher when you consider that the plurality of SMBs only have one dedicated security professional on their team. And more than a third have no dedicated security professionals. The evolving cybersecurity landscape is driving complexity.

Various footage of people working in an office setting, there is text overlay showcasing some of the dialogue being spoken alongside some graphics.

ESG research highlights this as more than three quarters of the small and mid market organizations surveyed report that their IT environments have become more complex over the last two years. When asked why their IT environments were becoming more complex the number one response an increasing or changing cybersecurity landscape. These organizations must also deal with growing amounts of data that's being created from the apps, sensors and devices in their environment. Plus, there's an increase in the number and types of devices being used in the work environment. This increase could be a result of bring your own device initiatives where employees may be using a wide range of different devices which can also create their own security issues. Or it could be the result of an IoT initiative. Cybersecurity events are bound to happen.

Informative graphics like a circle graph and iconography to visually show what Bob Laliberte is talking about.

ESG research indicated on average, that SMBs incurred three incidents per year Given that they reported that any one security incident has a 23% chance of putting their organization out of business, it is clear that organizations need to better protect themselves. Even if the business can remain open, these incidents have additional ramifications, including lost productivity, business disruption, time and people required for remediation and, of course, data loss. Given the number of incidents that have occurred and the lack of dedicated resources, one could ask if these organizations are doing enough to protect their IT infrastructure, data and business. We asked how vulnerable these organizations thought they were to a future cybersecurity attack.

More informative graphics showcasing the breakdown of the percentage the dialogue is speaking about.

More than half responded that they are either extremely or somewhat vulnerable to a cybersecurity attack or breach. The reality is that with an ever changing and evolving threat landscape, virtually every organization is vulnerable. In fact, it may be that those organizations that feel they're the least vulnerable are either not informed enough or just chose to answer this question in an aspirational manner. And also very important what was contributing to these security events? The three most commonly reported factors included human error by end users, the inability of IT resources to keep up with their workload and a lack of organizational understanding of cybersecurity risk. Even if you are not aware of the risk, is still very real, and it is imperative for organizations to become informed. While much of those results paint a bleak picture for SMBs, there is light at the end of the tunnel.

A montage of clips play that show various people furstrated at a laptop, an overlay with a graphic and some text restating the dialogue.

Virtually all small and mid market businesses indicated that they were using, planning to use or interested in using managed service providers to protect their IT infrastructure, data and business. As the research indicates, they bring significant benefits. The most commonly reported benefit is reduced operational risk. In fact, more than eight out of 10 SMBs reported that other benefits of working with MSPs include the ability to save time, free up staff to work on other projects, achieve better SLAs and reduce complexity. Many also reported they were able to save money. The research clearly indicates that MSPs, with the appropriate security skills and services, can deliver meaningful results to SMBs. In fact, organizations are 6.4 times more likely to believe MSPs are better at delivering cybersecurity services than their own staff. And if the right MSP is selected, SMBs believe they could deliver a number of additional IT services, that could provide even more value. Given that most organizations in the survey would prefer to work with a single MSP, organizations need to approach the selection process not as a one off vendor selection, but rather as a search for strategic partner that could help mitigate risk and enable employees to focus on the business To learn how sharp could help your SMB please visit their website for more information

Various clips of IT workers conducting work tasks in different office environments and with back-end servers. Overlays appear with graphics and text restating parts of the dialogue. One of the overlays have a line graph which shows the percentage of the following topics in this order: Reduced organization risk at 81%, time saved at 80%, staff freed up to work on other projects at 78%, better SLAs at 77%, reduced complexity at 72% and then saved money at 70%.