No business is exempt from cybersecurity threats, and companies of are getting the message — even small and medium-size businesses (SMBs), according to a global study of IT decision makers (ITDMs) by cybersecurity firm Webroot and Wakefield Research.
In fact, nearly all (96 percent) of SMBs believe they’re susceptible to an external security threat this year, the study revealed. That figure was 98 percent for U.S.-based survey respondents who represented one-third of overall ITDMs. External security threats included new forms of malware infections, mobile attacks, phishing attacks, DDoS attacks and ransomware attacks.
Top external threats that ITDMs in the U.S. worry about this year: new forms of malware infections and phishing attacks, 49 percent each, followed by DDoS attacks (41 percent), mobile attacks (40 percent), and ransomware (31 percent).
And, according to Webroot, 71 percent of all businesses surveyed admit to not being completely prepared to manage IT security and protect against threats — that figure increases to 80 percent for U.S. SMBs. Research results indicate that only 21 percent of ITDMs at U.S.-based SMBs consider themselves “completely ready” to manage IT security and protect against threats, while 47 percent say they’re “almost ready,” 26 percent “somewhat ready,” 7 percent “far from ready” and 1 percent “will never be ready.”
The Webroot report surveyed 600 ITDMs at SMBs with 100-499 employees in three countries: U.S., U.K. and Australia, with 200 participants from each geography.
Taking a deeper dive into how U.S. ITDMs think about security management, one in three (33 percent) reports relying on a mix of in-house and outsourced IT security support, 22 percent have a dedicated in-house security team, 24 percent rely on in-house employees who attend to security while also handling other IT responsibilities, 13 percent turn exclusively to a third-party managed service provider (MSP), and 10 percent rely on their non-IT employees to handle security along with other responsibilities.
For those companies that rely on staff to address and/or eliminate any security issues, almost half (47 percent) are very confident they’d be successful, another 42 percent are somewhat confident of success, and 12 percent are not confident.
Looking more closely at U.S. SMBs that don’t outsource any IT security, nearly four in five (79 percent) said they’re very likely or somewhat likely (37 percent and 42 percent, respectively) to use a third-party cybersecurity provider in 2017. Another 21 percent are not likely to use outside resources.
It comes as no surprise then that more than half (52 percent) of U.S. ISDMs strongly agree that outsourcing IT solutions would protect their businesses against threats and increase bandwidth to address other areas of the business, and another 37 percent agree somewhat. On the other hand, 12 percent disagree that outsourcing security would help their businesses.
The cost of a security breach can be staggering for any company, including SMBs. U.S. survey respondents estimate that the average cost of losing customer records or critical business data is nearly $580,000, with 39 percent estimating even higher costs of $500,000-$1 million (17 percent) and $1 million and more (22 percent), with 22 percent estimating damages at less than $100,000.
Dollar damages aren’t the only thing ITDMs think about when it comes to a security attack; they also worry about …