Brian Jackson - Fotolia
SMEs are in the firing sights of cyber criminals forcing many to step up their investments and commitment to keep data protected.
Cisco's Small and Mighty cybersecurity report gives an insight into the current landscape revealing that 40% of SMEs suffered 8 hours or more downtime annually because of breaches and 92% of firms have appointed an executive responsible for security.
That individual needs to seek out the help of the channel because further findings from the Cisco report indicated that 46% of SMEs were not investigating alerts, even though they were facing on average around 5,000 a day.
The impact of the attacks could be calculated in time and money with many medium sized firms reporting that at the extreme the breaches can cost a couple of million pounds.
"Many of these organizations are challenged with keeping up with the sprawl of multiple security tools, developing security practices, and having a smaller number of trained personnel to manage and respond to threats. But in today’s landscape, every organization is at risk no matter their size," he wrote.
Added to the increasing attacks are the skills shortages on this side of the industry which make it difficult to recruit in-house talent to deal with the problem.
"Because SMBs and midmarket companies are not immune to the challenges created by the shortage of cybersecurity talent, they are finding ways to maximize their limited resources. More than half of these organizations rely on outsourced partners for advice and consulting services, incident response, and security monitoring," stated Barbosa.
He added that taking an ostrich approach was not really an option and trying to increase the defences was the best reaction: "Recognise that incremental change is better than no change. In summary, they should not let a desire to find the perfect silver bullet get in the way of becoming incrementally better. Remember to keep security above everything."
The report stirred the thoughts of others in the industry and Todd Peterson, product manager at One Identity, also had some advice, encouraging SMEs to take a leaf out of the enterprise book and try to approach security with the same mindset.
"To protect themselves, SMBs need to do the same things as large enterprises – ensure that access control is in place and actually put some thought into it, control and monitor administrator access and privileged accounts and automate and consolidate to remove as much human error as possible," he said.