The numbers speak for themselves: Nine out of 10 security leaders believe their agencies are falling short in tackling cyber risks, according to Foundry’s 2021 Security Priority Study.
And while it’s best to invest in hardware and software to better protect sensitive data from cyber attacks, it’s not cheap.
However, many small and medium-sized business (SMB) leaders mistakenly believe that their companies are not the goal, and that spending more money on IT security if they are not violated, says Candidate West, vice president of cybersecurity research at Acronis.
Still, many companies spend less than 10% of their IT budget on security, according to a new report from Acronis.
But the problem isn’t just security costs, Wüest adds; In general, small budgets make it difficult to meet the needs of all businesses.
Also, he said, many SMBs use third-party security services, which makes it “difficult for the CEO or the president to see the amount of work that goes into data protection and security, as well as the benefits of doing so.”
SMB’s security risks are increasing
The fact is that cyber attacks are becoming more sophisticated as attackers now use automation and machine learning, making it more difficult to block threats with traditional security solutions.
“This is especially true because companies are embracing digital transformation and using new online services that need to be secured,” Wüest said. “Without adapting and updating the cyber security stack, these security loopholes will widen over time, making it easier for attackers to find holes and breach them.”
Meanwhile, the employees are threatening. The Acronis study found that 56% of workers lost data at least once in 2021, due to accidental deletion, app / system crash, malware attack, a lost / stolen device and other reasons. In addition, 26% lost data more than once.
Cyber attacks can be devastating for businesses of any size, resulting in severe financial penalties, downtime-related revenue loss and serious reputation damage. In fact, 76% of companies experienced downtime due to data loss last year – a 25% increase over the previous year, according to the Acronis report.
Cyber Security Investment Tips
So, how do you persuade company executives to increase your security budget?
One way to demonstrate the need for security software is to practice attack or run an external intrusion test to show potential loopholes in your security stack. There should be a plan with a list of these vulnerabilities and how to deal with them, Wüest says.
For example, having a matrix of the number of blocked events in an IT environment can help illustrate the risks. Combine this with recently promoted examples of what can happen if an organization is not ready, as well as an explanation of how vendors or managed security service providers (MSSPs) can close loopholes.
Other security measures include strong authentication, setting up appropriate access and control features, timely patch handling, and the use of segmented networks. Also, make sure you have a backup and a disaster recovery plan to reduce downtime if an event occurs.
“These steps should be followed by a better email security solution,” Wüest said. “Most attacks start with a malicious email or phishing attack. If these threats can be filtered out before they reach the user’s inbox, the risk can be reduced. “
Because there are so many moving parts that need to be analyzed, it is also important to bring vendors together and look for automated and integrated solutions, he advises. “It can help save overall costs and save some budget.”
From the application Infrastructure, click Here See how Acronis can help your company fill security gaps and secure your business.
Copyright © 2022 IDG Communications, Inc.