Zacky Vaz, regional channel manager at cyber security vendor Fortinet, talks about opportunities in the SMB sector and how channel partners can help their customers to lessen cyber risks.
Digital transformation is occurring across all industries as organisations adapt to meet changing consumer demands and the need for a more mobile workforce.
While this trend is largely associated with enterprises, it has actually been just as pervasive at small and medium-sized businesses (SMBs). In fact, a recent study commissioned by Fortinet and conducted by Techaisle found that 35% of SMBs say they are more reliant on technology today than in the past three years.
Technology use allows these clients to expand their business reach and capabilities into new regions where budget or staffing restrictions may not have previously allowed.
Cyber risks for SMBs
While these investments in technology bring many benefits to SMBs, they are not without risk. Adding these solutions to the stack increases the attack surface at a time when cyberattacks are becoming faster, more sophisticated, and persistent.
As organisations add technical capabilities, they have to be aware of—and take steps to mitigate—threats such as ransomware, DDoS attacks, malware, phishing, insider threats, and more. SMB leaders are aware of these risks, and are taking steps to invest further in security and minimise their susceptibility to cyberattacks, with 25% of small businesses and 62% of mid-market businesses noting intentions to increase their security budgets. The challenge is, where is the most effective place to invest those limited security dollars?
Why cybercriminals target SMBs
Your SMB customers’ concerns regarding cyberattacks are warranted. Cybercriminals have zeroed on these organisations as a focus area for three key reasons.
(I) They have data
It’s easy for smaller organisations to think they will not be targeted with a cyberattack because of their size, especially considering most breaches in headlines are at large corporations. However, this is not the case. Many of your SMB customers store data that is just as valuable to cybercriminals as that of larger companies – be it payment information, healthcare records, or other personally identifiable information. Having this information makes SMBs viable targets for attack. Furthermore, because this data is so critical to operations, smaller businesses are more likely to pay a ransom to get this information back in the event of a ransomware attack.
(II) They have less protection and resources
Not only do these organisations have much of the same valuable information as larger companies, but they typically have fewer security controls in place, or might be relying on legacy systems that are no longer supported with regular updates, or that cannot share threat intelligence in order to identify and respond to threats at the digital speeds today’s attacks require. Part of the reason is that SMBs do not have the same level of resources and expertise to devote to securing their network as enterprises. While larger enterprises can hire full teams to support cybersecurity initiatives, SMBs simply lack the budget. This makes it easier for cybercriminals to bypass more basic controls to gain access to their networks.
(III) They have less training
Finally, these organisations often do not have the same level of training or awareness of cyber risks. For example, only 40%of SMBs have formal protocols in place in the event of a breach and 42% are unsure which security measures they should have in place for cloud use. While larger enterprises may have security professionals who can provide this insight, the cybersecurity skills gap has priced many smaller companies out of this possibility.
The partner opportunity
The SMB market is actively seeking to increase its level of cybersecurity, and needs a knowledgeable, reliable partner to help them evaluate their security requirements and determine which controls they need to invest in to maximise the value of the limited budget dollars they have to spend.
SMBs are increasingly a target for cyberattacks. As a result, as they add solutions to their stack they are wary of the effect they will have on their level of risk. Fortinet partners can assist these organisations in finding the right level of security for their individual needs to keep them from suffering a data breach, while harnessing the benefits of new technologies to grow their digital business.