SMBs need to not only reduce their odds of being hit by an attack, but also implement processes that they can follow if their defenses are breached
The prevalence of cyberattacks continues to rise, with our telemetry showing a 13% increase in cyberthreat detections in 2022 year-on-year. While the news tends to feature breaches involving major companies, it would be wrong to assume that only large enterprises are targeted by cybercriminals.
Although these incidents grab the most headlines, criminal activity in the digital world often shows little in the way of preference. And with so many IT platforms used by both small and medium-sized businesses (SMBs), and the enterprises they often support, criminals can leverage a large variety of tools and techniques that promise to deliver ill-gotten gains at scale.
However, with new threats constantly emerging, it is crucial that SMBs, which may have less resilience to confront security incidents, not only put in place measures to reduce their chances of suffering a breach, but also prepare themselves for the worst-case scenario. Business leaders should consider how they would mitigate the damage that a cyberattack could do to their business, whether that be a loss of sensitive customer data, theft of financial information, or an erosion of customer confidence.
Security not keeping pace
In our survey of over 1,200 SMB cybersecurity decision-makers conducted last year, two-thirds (69%) said they experienced a breach or acted upon a strong indication of one in the past 12 months. A third even said they had been breached more than once. Something needs to be done.
Worryingly, 70% of SMBs warned that their investment in IT security had not kept pace with the changes to operational models they were forced to make during the pandemic, and 77% said they will continue to use technologies designed to ease hybrid working – such as Remote Desktop Protocol (RDP) – despite the security risks.
However, many are taking steps in the right direction. This includes implementation of multi-factor authentication (50%), insistence on the use of a corporate VPN (50%), keeping remote access tools up to date (49%), and using more secure configurations for remote access tools (37%).
Investigation and reconfiguration
For SMBs that experienced a breach, it typically took several weeks to investigate the attack and reconfigure IT systems to prevent similar attacks in the future. A third (32%) said it took between seven and 12 weeks, and only a fifth (21%) said it took less than two weeks. To cut this time down, it is important for SMBs to establish robust protocols that can be followed in the event of a cyberattack.
Though the time to recovery can vary, SMBs have been quick to take action after a breach, with the most popular responses including investing in cybersecurity training for IT teams (42%), conducting cybersecurity risk audits (39%), and investing in new cybersecurity tools (38%). In retrospect, SMB leaders should consider the savings that can be achieved by taking these steps proactively, rather than reacting after things have already gone wrong.
A smart move
A cybersecurity audit is a smart move for any SMB, as it can be used to minimize risk. Our survey showed that almost 3 in 10 (27%) SMBs conducted a cybersecurity audit in the past six months, and a third (33%) in the past year. Where a cybersecurity audit was undertaken, 52% used an external IT security company, and 40% conducted the audit themselves.
While factors investigated in a cybersecurity audit vary, they are most likely to include the protection of sensitive information (44%), identifying and assessing cybersecurity threats (39%), detailing recovery plans for lost or stolen data (38%), and employee cyber-awareness (37%).
You are not on your own
With two-thirds of SMBs having experienced a breach, it is no longer a case of if, but when. The average cost of a breach to an SMB is thought to be €219,000, at a time when many are already struggling with rising expenses. However, if an SMB can get its operations back up and running in a timely manner, this cost can be reduced.
Therefore, it is vital that businesses not only put time and thought into reducing their chances of being hit with a cyberattack, but also put in place processes that they can follow if their defenses are breached.
Remember, you are not on your own. ESET provides SMBs with multi-layered enterprise-grade endpoint protection, featuring easy-to-use management, the latest in machine learning, and several scalable protection options, including Extended Detection and Response. To find out more, please head over to our website. If you are interested in knowing more about our SMB survey, read our 2022 ESET SMB Digital Security Sentiment Report.