Cyber-security service providers
“Security incidents affect small and medium-sized businesses disproportionately, compared to larger businesses,” said Tom Rebbeck, Research Director, Analysys Mason. “Cyber-security service providers need to do more to demonstrate the impact of these threats on the SMB community and the cost of an incident. SMBs worldwide depend on the IT security community to protect their businesses.”
“Analysys Mason’s research shows that even where SMBs feel protected, often they are not. SMBs need better guidance to make up for their lack of specialist skills and to understand which solutions they should invest in.” The survey reveals that most companies use basic IT security – such as anti-virus (97%) and email security (87%) – but there are serious gaps in security processes and SMBs need urgent industry help.
Cyber-security plans
80% of survey respondents believe that they are well-protected, however 62% of SMBs do not regularly conduct any IT security assessments and 57% do not update their security software. These results highlight SMBs’ security vulnerabilities, a lack of specialist knowledge and the need for additional security products.
When asked for the top-three factors that will most affect their cyber-security plans over the next 12–18 months:
(1) 44% of SMBs cited protecting customer privacy and data will have the most impact on their plans
(2) 40% cited business continuity
(3)32% believe that protecting physical assets and infrastructure will be one of their main considerations.
Providing optimal solutions
In the USA and the UK, over 10% of SMBs said that they have challenges implementing effective cyber-security capabilities because the solutions are too complex and there is a lack of guidance (13%), suppliers are unable to provide optimal solutions (12%) and prices are a barrier (15%). Furthermore, 22% of SMBs in the USA and the UK said that they lack awareness of many of the vendors and their products.
These findings demonstrate that security vendors need to do more to simplify their solutions so that SMBs can more easily identify, purchase and manage them. Telecoms operators have a clear opportunity to offer cyber-security solutions. Our results show that businesses that are satisfied with their current operators’ services are more likely to also buy cyber-security solutions from them. Analysys Mason is launching its new cyber-security research programme, which targets security vendors, operators and managed service providers.