Security News > 2023 > April > Lack of security employees makes SMBs sitting ducks for cyber attacks

To strengthen their cybersecurity posture, companies must spend valuable resources on maintaining or updating systems, hiring and training staff, and implementing security software - resources and options that many don't have readily available.

For businesses, security breaches risk not only exposure to customer data and a decrease in trust, but also losses in revenue if systems are taken offline through attacks such as DDoS. "The findings in this report show that SMBs have specific needs and pain points, particularly when it comes to hiring and having dedicated security employees," said Tyler Healy, VP of Security at DigitalOcean.

"Even without a traditional security role, there should be someone responsible for making security decisions in every organization; this kind of accountability is crucial. With slimmer budgets, SMBs shouldn't look to overcomplicate their security posture. For many smaller businesses, improving cybersecurity is likely not about what they can purchase or who they can hire at any single point in time, and is as much cultural and behavioral as it is technical. Choices to simplify security posture early can pay dividends as a business scales," Healy continued.

80% of startups and SMBs have one or fewer employees dedicated to security.

38% of surveyed businesses said they had zero employees dedicated to security as part of their role, and 42% had just one employee working on security.

Lack of time to focus on security and keeping up with changing threats are the biggest challenges for businesses.

News URL

https://www.helpnetsecurity.com/2023/04/04/smbs-security-posture/