A recent survey by Cyren, conducted by Osterman Research, has revealed the biggest concerns of IT professionals are ransomware and phishing.
When asked about their biggest security concerns, 62% said ransomware, 61% said phishing, and 54% said data breaches. The survey also showed that investment in cyber defenses has increased, yet for many firms, even further investment in security solutions has failed to prevent data breaches.
It is unsurprising that confidence in the ability to prevent data breaches and cyberattacks is so low, as 68% of SMBs surveyed had experienced at least one serious security breach in the past 12 months. 29% said they had experienced a successful phishing attack, while 18% had ransomware installed that encrypted files.
63% of SMBs said they have increased their cybersecurity budgets in the past 12 months. The average budget increase was 27%. Even though more money has been devoted to security, fewer than half of respondents were confident in their ability to prevent data breaches and deal with the threat from ransomware and phishing attacks.
Each year, budgets for cybersecurity are increasing, yet the amount spent on new security solutions has little impact on confidence in defenses. For many firms, it is not a lack of security solutions that is a problem, but a lack of staff that is hampering their ability to defend against cyberattacks and respond quickly when attacks occur.
Just over half of surveyed organizations (52%) said they only had two or fewer staff members dedicated to cybersecurity, while for SMBs with 100-500 employees, 80% said they had two or fewer security staff. Given the staff shortages, it is perhaps no surprise the many SMBs are turning to cloud security solutions rather than using on premise solutions. The latter require skilled staff to implement, monitor and maintain, whereas with cloud based solutions they can rely on the expertise and diligence of cloud service vendors.
Last year when the survey was conducted, 21% of IT managers favored cloud-based security solutions. This year the percentage increased to 29%. 32% still favored on premise solutions.
When looking for new security solutions, the primary consideration is the effectiveness of the solution, which was rated top of the list of desired capabilities by 85% of respondents. Second was speed of defenses against new threats (74%) followed by reporting capabilities, the user experience, ease of management, and finally the cost of the solution.