Small organizations face the same security threats as organizations overall but have less resources to address them, according to Netwrix.
Lack of budget among small organizations
The most common security incidents are phishing, ransomware, and user account compromise. However, smaller organizations usually have fewer resources and experience with which to address security threats. Indeed, lack of budget is their top security challenge, reported by one in two small companies.
“Cost efficiency is top of mind for small organizations. To improve their security posture, these organizations may want to seek out solutions that are tuned for the unique cost and security needs of small businesses. In addition, partnering with a vendor that offers multiple solutions is a way to get a larger discount for using several tools,” says Dirk Schrader, VP of security research at Netwrix.
“When we asked IT pros what they would do to improve the security posture of their small organization if they had a chance to decide on their own, their top choice was IT staff training,” added Schrader.
“One option for addressing the lack of cybersecurity expertise is to consider outsourcing security-related tasks to a managed service provider (MSP) or managed security service provider (MSSP). This approach not only eliminates the need to hire additional internal IT talent but can also reduce the cost of maintaining security software. For example, if a new compliance requirement arises, the MSP can make the necessary changes once, implement them across their customer base, and share the cost of the customisation among those clients,” says Dmitry Sotnikov VP of product management at Netwrix.
Overcoming cloud migration hurdles
68% of small organizations have a hybrid IT architecture. Interestingly, only 45% of the small organizations that are exclusively on-premises plan to adopt cloud technologies, compared to 69% among respondents overall.
“On one hand, there are a lot of cloud-native small businesses, born when cloud was already an integral part of the IT landscape. On the other hand, many small organizations made significant investments into their on-premises infrastructure and may not have the budget or resources to then migrate to the cloud,” says Dirk Schrader.
“Lack of experience and fear of moving to the cloud can also hinder cloud adoption in small organizations. To benefit from the greater flexibility that comes from transferring some security-related tasks to a cloud provider, smaller organizations can engage an MSP to map the most effective cloud migration path for their business and consider using security tools that cover both on-premises and cloud infrastructure,” says Dmitry Sotnikov.