With SMBs targeted by cybercriminals, Zacky Vaz, Regional Channel Manager, Fortinet, tells us how channel partners can reduce the risk.
Digital Transformation is occurring across all industries as organisations adapt to meet changing consumer demands and the need for a more mobile workforce. While this trend is largely associated with enterprises, it has actually been just as pervasive at small and medium-sized businesses (SMBs).
In fact, a recent study commissioned by Fortinet and conducted by Techaisle found that 35% of SMBs say they are more reliant on technology today than in the past three years.
Your SMB customers are increasing their daily use of technology in order to innovate, increase speed to market, remain competitive and more. Technology use allows these customers to expand their business reach and capabilities into new regions where budget or staffing restrictions may not have previously allowed.
As a result, technology has become critical across all lines of business – not just IT. Software now facilitates sales and marketing initiatives, communication and productivity. In particular, your SMB customers are investing in the cloud and cloud-based applications due to their scalability, lower upfront infrastructure costs, and support of a mobile workforce and customer base.
Cyber-risks for SMBs
While these investments in technology bring many benefits to SMBs, they are not without risk. Adding these solutions to the stack increases the attack surface at a time when cyberattacks are becoming faster, more sophisticated and persistent. For your SMB customers, a cyberattack is a high-stakes situation, as reports show that 60% of small businesses close within six months of a breach.
As organisations add technical capabilities, they have to be aware of – and take steps to mitigate – threats such as ransomware, DDoS attacks, malware, phishing, insider threats and more. SMB leaders are aware of these risks and are taking steps to invest further in security and minimise their susceptibility to cyberattacks, with 25 % of small businesses and 62% of mid-market businesses noting intentions to increase their security budgets. The challenge is, where is the most effective place to invest those limited security dollars?
Why cybercriminals target SMBs
Your SMB customers’ concerns regarding cyberattacks are warranted. Cybercriminals have zeroed on these organisations as a focus area for three key reasons:
They have data
It’s easy for smaller organisations to think they will not be targeted with a cyberattack because of their size, especially considering most breaches in headlines are at large corporations. However, this is not the case. Many of your SMB customers store data that is just as valuable to cybercriminals as that of larger companies – be it payment information, healthcare records, or other personally identifiable information.
Having this information makes SMBs viable targets for attack. Furthermore, because this data is so critical to operations, smaller businesses are more likely to pay a ransom to get this information back in the event of a ransomware attack.
They have less protection and resources
Not only do these organisations have much of the same valuable information as larger companies, but they typically have fewer security controls in place, or might be relying on legacy systems that are no longer supported with regular updates, or that cannot share threat intelligence in order to identify and respond to threats at the digital speeds today’s attacks require.
Part of the reason is that SMBs do not have the same level of resources and expertise to devote to securing their network as enterprises. While larger enterprises can hire full teams to support cybersecurity initiatives, SMBs simply lack the budget. This makes it easier for cybercriminals to bypass more basic controls to gain access to their networks.
They have less training
Finally, these organisations often do not have the same level of training or awareness of cyber-risks. For example, only 40% of SMBs have formal protocols in place in the event of a breach and 42% are unsure which security measures they should have in place for cloud use.
While larger enterprises may have security professionals who can provide this insight, the cybersecurity skills gap has priced many smaller companies out of this possibility.
The opportunity for partners
The SMB market is actively seeking to increase its level of cybersecurity, and needs a knowledgeable, reliable partner to help them evaluate their security requirements and determine which controls they need to invest in to maximise the value of the limited budget dollars they have to spend.
Fortinet offers a variety of security solutions that are specifically designed for SMBs and their main concerns of losing consumer data, losing consumer trust, suffering reputational damage, and being out of compliance with regulatory standards due to a successful cyberattack – and with the best price/performance and functionality value in the market.
Fortinet partners are trained to determine a business’s security needs based on the answers to a few simple questions, such as the number of employees in the organisation, how many devices each employee connects the network, and what sorts of applications and cloud services they are running.
SMBs are increasingly a target for cyberattacks. As a result, as they add solutions to their stack they are wary of the effect they will have on their level of risk. Fortinet partners can assist these organisations in finding the right level of security for their individual needs to keep them from suffering a data breach, while harnessing the benefits of new technologies to grow their digital business.