Firewall and network security is the No. 1 concern when it comes to small- and medium-sized business (SMB) security, according to research, particularly as they begin to move more and more of their mission-critical infrastructure to the cloud. However, preparing for increasing security threats remains a challenge.
As SMBs continue to face well-known legacy challenges, such as a lack of in-house technical resources, they consistently struggle with underfunded IT security budgets and lack of deployment know-how, according to the SMB IT Security Report from Untangle. Top IT security barriers cited by respondents include budget constraints (47 percent) and limited time to research and understand new threats (37 percent).
Half of the organizations polled have IT budgets under $5,000 per year or less; and out of that 50 percent, a full half had less than $1,000 per year to spend on security.
The report, based on a poll of more than 350 SMBs worldwide, found that those same resource constraints have pushed this segment to adopt more managed and cloud services in an effort to lower operational overhead, which has resulted in an explosion of connected endpoints and cloud-exposed data for these companies: thus, the attack surface has widened.
In fact, about 75 percent of SMBs surveyed have fewer than five physical locations, but only 60 percent have fewer than 100 end-user devices to manage.
“SMBs face a double whammy as they are just as or more likely than enterprises to be targeted by cybercriminals, but are less equipped to deal with the fallout of a successful breach,” the report noted.
Less than 30 percent of SMBs surveyed have a dedicated IT security professional on staff; and, more than half of the organizations surveyed acknowledged that they distribute security responsibilities across roles in the organization.
Of the organizations that experienced an attack in the last 12 months, 33 percent were from phishing attacks, 27 percent from malware and 15 percent from ransomware.
“SMBs have less expertise and fewer dollars to dedicate to IT security, but they are the primary target of a growing number of phishing and malware threats, particularly as they move towards more cloud-based tools,” said Scott Devens, CEO at Untangle, in a media statement.