Skip to main content

SMEs may need to rethink their security strategies

security
(Image credit: Shutterstock / Khakimullin Aleksandr)

Cybercriminals rarely scale their attacks relative to the size of the company they are targeting, instead using the same tools and tactics regardless of who they’re up against.

And according to a new report from Cynet, considering the fact that large enterprises have more resources to combat these threats, that means that small and medium-sized businesses (SMB) are at more risk of being severely crippled by a cyberattack.

Cynet’s new report - 2021 CISO Survey of Small Cyber Security Teams – based on a poll of 200 CISOs, argues that these businesses need to “rethink” their cybersecurity strategy, and opt more for Endpoint Detection and Response (EDR) solutions, as well as automation, training and outsourcing.

Of the 200 respondents, 80 percent said they’d like to invest in more automated security solutions, while all of the respondents said they were outsourcing security mitigation to an external provider. More than half (53 percent) outsourced to an MDR service, while the rest outsource to an MSSP provider.

These SMBs have a better understanding of the value that tools such as EDR can bring, but most of them (79 percent) said it took their teams more than four months to deploy the EDR and become skilled at using the tools.

While eight in ten invest in automation, six in ten are investing in security training and certification, as well as consolidation of security tools and platforms. Half of the respondents said they were replacing complex security technologies and outsourcing to fill security tool gaps.