Subscribe
About

SME growth hampered by lack of cyber security

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 12 Oct 2022

Small and medium enterprises (SMEs) understand the need to invest in technology to support growth, but are unprepared for increased cyber risks that come with it.

This was revealed by a recent Check Point survey of the SME cyber security market, conducted by research firm Analysys Mason. It talked to 1 150SMEs across the US, Germany, UK and Singapore, and aimed to uncover how SMEs are emerging from the pandemic, and how their business and technology needs are changing.

The survey highlighted that although SMEs understand the need to invest in technology to support growth in the world of hybrid working, many fail to prioritise security. It showed that the majority of companies have embraced cloud, mobile, and SaaS technologies in recent years, particularly in the pandemic’s aftermath, to drive business growth.

SMEs have accepted that the hybrid work model is here to stay, and have increased their investment in communication technologies and services to support remote workers. However, the slew of home and office access points has widened the attack surface considerably, increasing the risk of attacks.

The researchers found that bad actors are increasingly using SMEs to gain a foothold on the networks of larger enterprises. Furthermore, the global cyber security skills shortage is putting SMEs on the back foot, and they are battling to properly secure their critical assets, making them an attractive target for bad actors.

While larger entities have larger IT budgets and more security resources, they can recover more easily from an attack, while for SMEs, this can prove fatal to their business. The survey found that two of the biggest impacts that cyber attacks have on SMEs include lost revenue (28%), and the loss of customer trust (16%).

Underprotected

SMEs struggle with a lack of expertise and require additional support, and less than a quarter (22%) of respondents felt they were extremely well protected against cyber attacks, and only a minority have internal security specialists or are working with a third party.

This means that a large number of SMEs either have no security products in place or these products are managed by non-specialist staff. While there is a significant rise in the number of SMSs working with MSPs to help address IT issues, around a third of respondents noted they would like additional help from their MSP in upgrading security.

Another inhibitor to cyber security, was that security vendor solutions are priced beyond most SME’s budgets. The highest priority among SMEs was ensuring that IT can be managed and supported remotely, validated by additional laptop purchases and increased VPN capacity, yet the take up rate of even basic security products is low.

The most adopted service, endpoint protection, is only used by 67% of respondents and less than half have any form of mobile security.

Eyal Manor, VP of product management at Check Point, says SMEs should consider leveraging third-party managed service providers to gain access to experienced cyber security professionals at an affordable cost.

Share