Chris Mckie, VP, Product Marketing Security and Networking Solutions at Datto, reveals the results of their recent State of Ransomware Report. He explores the results in more depth for SMEToday’s readers and, importantly, looks at what they mean for SMEs – in terms of the opportunities and also what they should be aware of.
In response to increasingly frequent and complex cybersecurity threats, small and medium-sized businesses (SMBs) have a heightened awareness of the risks that ransomware and malware present to their business, according to the survey. In the annual State of Ransomware Report, nearly 3,000 SMB IT professionals across eight countries weighed in on the steps their organisations are taking to protect themselves, such as investing in more security products and utilising multiple security frameworks. Despite this, only 3 in 10 SMBs have a best-in-class recovery plan in place.
SMBs to expand IT security solutions and strategies
SMB survey respondents disclosed that one-fifth of their budget is dedicated to security, and approximately 42 per cent of SMBs plan to increase their IT security budgets, as well as allocate additional resources.
Although the majority of SMBs have basic defences such as antivirus and email protection in place, the next 12 months will see an expansion of security solutions and strategies such as file backup (49 per cent), managed firewall (49 per cent), network security (47 per cent), and cloud security (45 per cent). Further down the priority list, SMBs plan to invest in business continuity and disaster recovery (27 per cent), as well as endpoint security (27 per cent).
While installing the right tools is critical to minimise downtime, SMBs are becoming increasingly aware of the need to proactively monitor their security posture. Survey results revealed that 62 per cent of SMBs run IT security assessments at least twice a year, while only 37 per cent run assessments three or more times a year.
Although most believe that NIST is the most popular cybersecurity framework, survey results proved otherwise. CIS and CMMC are most frequently used at 34 per cent and 30 per cent respectively. Further, while zero-trust is the recommendation of choice by industry experts, only 14 per cent of SMBs said their organisations use that framework.
The market for cyber insurance
While there are many reasons to invest in cyber insurance, 42 per cent of the SMBs that have cyber insurance believe it is extremely likely that they will be exposed to a ransomware attack in the next year. Additionally, 7 in 10 survey respondents said that a successful attack would seriously impact their business, and nearly 75 per cent revealed that a ransomware attack would likely have a catastrophic effect on their organisation.
Cyber insurance can offset the risks of potential breaches, something that became increasingly important during the COVID-19 pandemic when many SMBs began to accelerate their digital transformation efforts. Today, 69 per cent of SMBs have cyber insurance in place. Of the SMBs that don’t have insurance, 34 per cent plan to make the investment within the year.
Generally, SMBs with cyber insurance tend to be more actively engaged in cybersecurity than their counterparts. Overall, they have more IT support, more frameworks (CSFs), and more security solutions already in place. However, for SMBs without cyber insurance, the increasing cost of data breaches, ransomware, and other security attacks, as well as rising premiums and stricter underwriting requirements, are making the insurance more difficult to obtain or afford.
Taking proactive measures to reduce vulnerabilities
Regarding cyber incidents encountered in 2022, nearly one-third of SMBs were on the receiving end of a computer virus and 21 per cent reported COVID-19-related scams or threats. The main reasons behind these security breaches include phishing emails (37 per cent), followed by malicious websites and weak passwords and access management. However, 42 per cent of respondents believe their security issues were due to a lack of training and 24 per cent cited poor user practices and gullibility.
Despite the increased awareness and investments, bad actors are still finding weak channels upon which they can prey. In fact, 72 per cent of survey respondents think it is likely that their company will experience a phishing attack in the next year – an indication that there is room for SMBs to build out their defence layers.
There is another area which, if left untouched, could be potentially disastrous for SMBs – planning for the worst-case scenario. While 8 in 10 survey respondents said that their company has a recovery plan in place, only 29 per cent have one that is best-in-class, 52 per cent have a standard recovery plan, and 15 per cent admitted to having solutions in place, but not a formal recovery plan – leaving these SMBs at risk of complete data loss and significant business disruption.
Nearly half of the SMBs surveyed encountered downtime, the average cost of which to the business (including lost revenue) was $126,000 USD in 2022. This is a significant amount, but many SMBs simply don’t have tools such as a unified business continuity and disaster recovery solution, a managed security operations centre, or an incident response strategy in place. Of the SMBs without the needed tools, 49 per cent relied on manual backups to recover data, and one-fifth were forced to reinstall and reconfigure their systems.
The survey results, in combination with the cybersecurity talent shortage and lack of internal expertise, indicate that many SMBs will need assistance in planning for and dealing with security incidents. Currently, almost half of SMBs rely on a managed service provider (MSP) or a managed security service provider (MSSP) – a percentage that is likely to grow given today’s increasingly complex cyber threats.
The complete State of Ransomware Report can be found at https://www.datto.com/resources/datto-smb-cybersecurity-for-msps-report