Study also indicates 92% of organizations would consider using or switching to a new IT service provider if offered the “right” solution
Cybersecurity remains a top priority for small and medium businesses (SMBs) worldwide, as revealed in a survey conducted by Vanson Bourne and commissioned by ConnectWise, the leading provider of business automation software for technology solution providers (TSPs). The third annual report, Cybersecurity in an Era of Competing Priorities: The State of SMB Cybersecurity in 2021, today found that organizations are challenged to find a managed service provider (MSP) or a TSP that will help protect them from rising cybersecurity threats, and most would consider moving to a new IT service provider with the “right” solution, and would pay on average 34% more for that service provider.
2020 was a study in contrasts, with some SMBs growing in the middle of the COVID-19 pandemic while others contended with increased cyberattacks and significant economic challenges. Many factors contributed to the increasing threat landscape, including the rise of remote work. In addition, the cost of suffering an attack has skyrocketed: 32% of SMBs have suffered a cybersecurity attack in the past 12 months, an increase from 25% who reported the same in 2020, with the financial repercussions of an attack, averaging $104,296, almost double the figure reported in 2019 ($53,987).
“It is clear now more than ever that TSPs need to have proactive, cybersecurity-specific conversations with their SMBs about what the right cybersecurity solutions should encompass to guard against ongoing threats,” said Jay Ryerse, CISSP, vice president of cybersecurity initiatives for ConnectWise. “The research findings clearly show SMBs’ willingness to spend money to protect their data, and TSPs are now at a critical crossroads to help them with this new opportunity.”
Four Key Challenges SMBs are Facing Regarding Cybersecurity Threats
The survey has identified four of the key challenges SMBs are facing that could be reducing their ability to tackle the cybersecurity threats:
- Challenge one: The difficulty of managing cybersecurity in an environment of competing priorities
- Cybersecurity may no longer be a key IT focus for organizations as the breadth of technologies available to them has evolved while the economy has rapidly slowed. Protecting against cybersecurity attacks has fallen from being a top three priority in 49% of organizations in 2020, to 44% in 2021.
- Challenge two: The added complexity of remote work in 2020 was well recognized
- 75% of decision makers agree that their organization is less secure due to the added complexity of a remote workforce. Remote work is not a trend that will be left in 2020 and 2021, but one that organizations must deal with in the long term. Only 35% of decision makers report their organization is very well protected against remote devices/employees being breached, further evidencing that organizations are not yet taking the steps they should be to protect remote employees.
- Challenge three: Poor communication between organizations and their managed IT service providers about cybersecurity needs
- The survey reports that there is poor communication between the organization and its IT service provider, as only 7% of organizations have cybersecurity-specific conversations as a matter of course, a fall from 13% in 2020.
- Challenge four: Poor cybersecurity skill sets within the organization
- There is an increase in decision makers stating that their organization lacks the skills in house to be able to properly deal with security issues, which has risen from 52% in 2020 to 61% in 2021. However, organizations are moving in the right direction when it comes to investment in cybersecurity: on average, cybersecurity budgets increased by 10% in 2020.
How MSPs and TSPs Can Help
MSPs and TSPs are key to facilitating organizations to implement cybersecurity protections in a time of competing priorities. Organizations who use MSPs and plan to stay with them are more likely to implement these measures than those who use a managed service provider and plan to change, or who don’t use a managed service provider at all. Providers who can prove their ability to help in areas such as improving cybersecurity around remote workforces will likely have a competitive advantage in attracting and retaining business than those who don’t.
“As businesses recover and grow amid the pandemic and other, multiple business challenges, we believe this year’s survey findings point to the need for TSPs to really prioritize cybersecurity for themselves and their customers,” said Jason Magee, CEO, ConnectWise. “In fact, cybersecurity continues to be a significant focus for our company, as demonstrated by the IT Nation Secure 2021 conference taking place this week, our recent security acquisitions and our broad range of security product and education offerings for IT service providers.”
The study was carried out between March and April 2021 and gathered information from 700 IT and business decision makers who are involved in cybersecurity in their organization. The research reveals that cybersecurity continues to be top of mind for SMBs globally, with respondents coming from the U.S. (300), the U.K. (150), Canada (100), and Australia and New Zealand (150). Respondents’ organizations have between 10 and 1,000 employees and belong to a range of sectors.
The full report, Cybersecurity in an Era of Competing Priorities: The State of SMB Cybersecurity in 2021, is available for download here. MSPs and TSPs can also register for The State of SMB Cybersecurity in 2021 to learn more about the research findings and what it means for them.
