SMBs Keep Up with Big Businesses for Cybersecurity


There may be a misconception in the business world that small-to-midsize businesses (SMBs) can’t – or worse, won’t – protect themselves from cyberattacks as well as their larger counterparts. According to research conducted by Cisco, that’s mostly fiction. In a recent report entitled “Big Security in a Small Business World: 10 MythBusters for SMB Cybersecurity,” Cisco debunked a number of unsettling misconceptions about SMBs’ ability to protect themselves from cybercrime.


Some of those myths include:

Myth: Larger businesses experience less downtime and recover faster from attacks.

Reality: Based on Cisco’s data, there is very little difference in the amount of downtime suffered by SMBs and larger organizations. In fact, 24 percent of SMBs faced downtime of more than eight hours last year for their most severe security breach, slightly below larger organizations at 31 percent.

Myth: Large businesses have more updated infrastructures – With the frequency of consumers upgrading to the latest smartphone, it may seem that larger organizations can afford to replace each element of their security infrastructure.

Partially true: When Cisco asked its SMB respondents to describe their infrastructure and their strategy for investing and replacing key security technologies, almost all are diligent about keeping infrastructure up to date. While SMBs don’t have quite as up-to-date infrastructures as larger businesses, a collective 94 percent of SMBs say they either update regularly or constantly.

Myth: SMBs face different threats than larger businesses – Cyber criminals want the big fish, so they’ll use their best tactics against large businesses.

Partially true: Cisco compared the types of cyberattacks that SMBs and large enterprises reported they’ve experienced in the past year to those of SMBs. What Cisco discovered is that ransomware doesn’t discriminate, earning the title as the most likely threat to cause more than 24 hours of downtime. DDoS, however, rarely causes the most impact for small organizations but is the third most destructive type of attack in terms of downtime for organizations with 10,000-plus employees.

Myth: SMBs don’t regularly patch vulnerabilities. It has been suggested that SMBs would rather use their resources elsewhere than find ways to minimize the disruption caused by patching.

False: In reality, 56 percent of SMBs patch daily or weekly, compared to 58 percent of large businesses.

Myth: SMBs can’t measure the efficacy of their cybersecurity programs.

False: 86 percent of SMBs say they have clear metrics for assessing the effectiveness of their cybersecurity program compared to 90 percent of larger organizations. However, only 46 percent of SMBs responded that they strongly agree their executives have established clear metrics, versus 53 percent of large organizations.

2W Tech is a technology service provider specializing in manufacturing solutions. Cybersecurity is one of our areas of expertise, so give us a call today to learn more.

Read More:

Artificial Intelligence Helps Keep You Compliant

Returning Your Remote Workforce Back to Your Physical Office 

Back to IT News