Small and medium-sized businesses (SMBs) need to have a sufficient security staff, and secure a development approach, IT, and security collaboration in order to achieve their cybersecurity amid the ongoing challenging time, Cisco said in a new study published on Monday.
Each of these components is expected to increase confidence and buy-in from peers and security success, according to the study.
Cisco’s 2021 SMB Security Outcomes Study, a derivative of Cisco’s 2021 flagship cybersecurity report, highlighted what SMBs leaders are doing to thrive in today's landscape, as well as offering actionable insights on where they should focus their digitisation, security planning, and cyber defense efforts over the year ahead.
The double-blind study is based on a survey applied on 850 regional IT and security professionals from small (50 to 249 employees) and mid-size (250 to 499 employees) organisations in 25 countries from Europe, the Middle East, Africa, and Russia (EMEAR), examining how security leaders in these businesses can achieve success in their cybersecurity programmes by looking at which specific practices help to enable their businesses, combat advanced threats and targeted attacks, and operate efficiently.
The survey revealed that security teams in small and medium-sized businesses are doing a better job in enabling the mission of their organisations.
With fewer resources, 44 percent of SMBs say their security teams are keeping pace with the changing needs and growth of the business, compared with 42 percent of large businesses, according to the study.
On risk management, the study said that compliance and the growing threats of cyberattacks have been a driver for security adoption, adding that such businesses need appropriate investments and collaborative teams to reduce these risks and to meet the regulations and requirements.
“Besides the sufficient security budget and having teams working together, the study finds that SMBs that proactively and regularly upgrade to the best available IT and security technologies improve the chances of mitigating critical cyberthreats and avoiding major incidents,” according to the study.
On operating efficiently, the study said that SMBs must seek ways to streamline both IT and ensure security optimisation.
The study found that SMBs are finding success when teams understand security and how security strategy and planning can support business imperatives, streamline incident responses, and minimise unplanned work.
The study also emphasised the value of teams working together, as this factor contributes wildly to cost effectiveness.
Moreover, the study highlighted the role of establishing well-integrated technology and incident response solutions for operating efficiently in medium-sized companies, adding the these two factors help in effectively minimising unplanned work and raising cost effectiveness.
“Historically, vendors, practitioners, and the cybersecurity industry as a whole have assumed that bigger means better. However, agility is what makes small and midsize businesses uniquely positioned to build successful approaches to security. Our findings reveal that SMBs place higher importance on having the right security strategy in place, and that they take the time to understand how this factor can best align with the digital transformation and growth agenda of their business. Planning for resilience and modernisation of technology remain critical factors for SMBs looking to advance their security fabric today,” said Fady Younes, director of cybersecurity at Cisco Middle East and Africa.