Despite rising cyber exposures and intensifying attacks, small and midsize businesses actually may be regressing when it comes to defending their networks.
That startling finding comes from a Cisco survey of organizations with 250 to 499 employees.
SMBs did less to analyze breaches and used fewer threat defense tools in 2015 than they did in 2014, according to the Cisco 2016 Annual Security Report.
Free resource:Putting effective data risk management within reach
Some 48 percent of SMBs said they used Web security in 2015, down from 59 percent in 2014. And only 29 percent said they used patching and configuration tools in 2015, down from 39 percent in 2014.
SMBs may simply be frustrated, Kevin Parra, marketing manager at Cisco Security Business Group, tells ThirdCertainty.
Feeling overwhelmed
“With the increasing sophistication and volume of the attacks, there is this feeling that ‘we can’t keep up. Something bad is happening, and we are getting outgunned,’ ” Parra says. I’m “not sure why someone would dial it down, though. That, to me, doesn’t sound like a logical step. (But) the data shows that they did dial back.”
Cisco’s survey found SMBs are less likely than large organizations to maintain a cyber incident response team or a threat intelligence team. Thus SMBs tend to use fewer processes to analyze compromises. Some 67 percent of businesses with fewer than 500 employees have incidence response and threat intel teams, while 72 percent of large enterprises, organizations with more than 1,000 employees, have both teams.
It can’t happen to us
Another pattern that’s good news to attackers: A considerable number of SMB do not have an executive responsible for security, and many do not consider their company to be a high-value target.
“This belief hints at overconfidence in their business’s ability to thwart today’s sophisticated online attacks—or, more likely, that attacks will never happen to their business,” Cisco’s report says.
That perception belies widespread evidence that cyber attacks against companies of all sizes continue to steadily increase in both sophistication and intensity. “No business can afford to leave its networks unprotected, or to put off using processes that might offer insights on how a compromise occurred so it can be avoided in the future,” the report says.
SMB decision-makers also should consider how “their own vulnerability translates to risks for larger enterprise customers and their networks,” the report says. “Today’s criminals often gain entry into one network as a means to find an entry point into another, more lucrative network—and the SMB may be the starting point for such an attack.
This article originally appeared on ThirdCertainty.com.