Small and medium businesses (SMBs) are increasingly turning to software as a service (SaaS) solutions – but they are opening themselves up to new security threats at the same time.
Kaspersky Lab’s latest research shows what threats SMBs face and how they bridge the gap between smaller IT security budgets and limited expertise. For those SMBs without the necessary internal resources or available budgets, 40% are looking to outsource IT infrastructure and processes to third parties.
In 2016 Kaspersky Lab, in cooperation with B2B International, conducted the global annual survey of more than 4 000 business representatives from 25 countries. The resulting report, “The Evolving Role of SaaS and IT Outsourcing in SMB IT Security”, showed that the top cybersecurity incidents SMB organisations experienced in a year were viruses and malware causing a loss of productivity (41% reported it); inappropriate use of IT resource by employees (39%) and physical loss of devices containing data (31%).
At the same time, SMB’s biggest concerns are malware – specifically ransomware, targeted attacks, phishing and other social engineering techniques and previously unknown vulnerabilities.
The research also showed that, on average, a single cybersecurity incident now costs SMBs $86,500. The cost of recovery significantly increases depending on the time of discovery. SMBs tend to pay 44% more to recover from an attack discovered a week or more after the initial breach compared to attacks spotted within a day.
At the same time, 40% of SMBs who participated in the study admit that they lack sufficient insight or intelligence on the threats faced by the business.
In this situation, more SMBs are turning to outsourcing – 57% already make use of external IT security service providers and 22% plan to do so in the near future.
Vladimir Zapolyansky, head of SMB marketing at Kaspersky Lab, says: “The report shows that SMBs currently face a number of challenges when it comes to protecting their businesses from security threats. On the one hand, they typically have a lack of resources, budgets and security expertise that can make them attractive to cybercriminals. On the other hand, increasingly complex security environments resulting from trends, such as the volume of mobile devices they need to protect, requires action. This makes it all the more important to spend budgets wisely by choosing a solution created especially for them with their needs in mind, such as Kaspersky Endpoint Security Cloud; and also look at other options for remaining vigilant by taking a SaaS approach to security.”