How MSPs Can Help SMBs With Cyber Threats

By Christine Kern, contributing writer

Report demonstrates many businesses are not prepared to stop cyberattacks.

While the nature of cyber threats has evolved and escalated over the past five years, it is clear that small to medium sized businesses (SMBs) have not kept pace. A Webroot survey of SMBs examined the state of IT security, assessing readiness in face of modern threats, and provided recommendations for IT decision makers to better secure their businesses in 2016.

The study, conducted by Wakefield Research, revealed many businesses are not prepared to protect against cyber threats or to address their consequences.

One reason for this gap in preparedness is SMBs often believe they are too small to be an attractive target for hackers, or they have little cybercriminals would find valuable. In today’s new cyber threat reality where automation, commoditization, and low upfront costs make it easier to become a cybercriminal, SMBS can no longer afford to be complacent about security.

The Webroot survey found many SMBs are outsourcing cybersecurity to managed services providers (MSPs) to compensate for the lack of time and in-house expertise. Eighty-one 81 percent of respondents agreed such outsourcing would improve their bandwidth for addressing other tasks.

Currently, less than a quarter of organizations surveyed reported they had a dedicated, in-house cybersecurity team or individual, while 32 percent said they had employees who handled not only cybersecurity, but other general IT responsibilities. Furthermore, 27 percent reported a mix of in-house and outsourced cybersecurity resources and 14 percent stated that they relied solely on non-IT staff or outsourced resources.

With the majority of SMBs surveyed planning to increase their cybersecurity budget in 2016, VARs across a broad variety of industries are realizing the value of this service-centric relationship with their clients. Customers who choose to work with an MSP avoid installation and maintenance headaches and also avoid diverting resources towards laborious IT security support tasks or ad hoc break/fix reseller charges.

And while SMBs seem to be more cognizant of cybersecurity-related risks to their organizations, many remain uncertain or under-informed about their own readiness to handle such risks even with heavy investments of time into protecting the environments. Even with 56 percent of respondents reporting over 17 hours spent on cybersecurity, 44 percent are still feeling they have less time to stay up-to-date on threats.

Significantly, only 37 percent of IT decision makers surveyed said their organizations are fully prepared to manage IT security and protect against threats. And yet, 84 percent replied they were confident someone on their staff could deal with a cyberattack, revealing an important discrepancy and potential misinterpretation of IT resources, knowledge, and capabilities to adequately handle a cyber attack.

Ultimately, the report highlights the future of security will require important changes, including a continued movement towards outsourced IT, particularly on the cybersecurity front. And IT decision makers must remain proactive about identifying MSPs that offer “intelligent cybersecurity” solutions.

For MSPs, this means a great new opportunity to meet the needs of SMBs. Offer solutions that are easy to install, capable of remote management, and include real-time protection against modern threats.