carbonite logo

Commonly searched topics:

backupcloud backupaccount sign in

Article · Sep 30, 2019

Cybersecurity tops list of SMB priorities as attacks continue


The incessant onslaught of cyberattacks directed at SMBs – coupled with a whopping 59% increase in attacks targeted at them – has triggered an increased level of cybersecurity awareness among SMBs. 

They are currently focused on bolstering their cybersecurity efforts, with 89% of SMBs identifying cybersecurity as one of their top priorities and 79% planning to invest more in cybersecurity within the next year, according to a report from independent market researcher Vanson Bourne.

Cybersecurity has turned from a situation where SMBs were once complacent about IT security to it now becoming critical to business survival and success.

The evidence is in the numbers

As cybersecurity woes for SMBs continue to escalate, here’s some data on SMB data breaches and cyberattacks that are key drivers behind cybersecurity becoming top of mind for SMBs:

  • 67% of SMBs experienced a cyberattack and 58% experienced a data breach in 2018, according to a Ponemon Institute report
  • 43% of attacks still target small businesses and 56% of breaches takes months or longer to discover, according to the 2019 Verizon Data Breach Investigations Report
  • 71% of ransomware attacks are aimed at SMBs, according to a report from the Beazley Group
  • Small businesses in the UK suffer almost 10,000 attacks per day, according to latest Federation of Small Businesses research

But what makes SMBs vulnerable to cyberattacks?

Here are two driving factors: Limited IT staff and/or expertise and SMBs being less likely to conduct regular employee IT security training.

As cybercrooks continue to unleash attacks on SMBs, Forrester predicts businesses will invest more in security services such as MSSPs this year. A dearth of security talent has firms exploring the security services route and businesses with midrange security budget also employ security services to bolster their security posture and respond to ongoing threats, according to Forrester.

As SMBs employ measures to bolster their cybersecurity efforts, Webroot research uncovered the top security technologies that SMBs are spending their IT security budgets on:

  • Backup/disaster recovery (83.7%)
  • Endpoint protection (80.3%)
  • Network monitoring services (69.5%)
  • VPN/Secure WiFi (68.7%)
  • Security awareness training (48.5%)
  • DNS protection (46.8%)

But, as cyber threats continue to proliferate, adopting a layered defense approach has become imperative for SMB cybersecurity success.

Why you need defense-in-depth

Given that there are no silver bullets for cybersecurity, adopting a defense-in-depth strategy is one of the best approaches for SMBs to adopt.

Defense-in-depth is a comprehensive approach to cybersecurity in which multiple layers of security controls are placed throughout a system. The idea behind the defense-in-depth approach is to defend a system against any attack using several independent methods. Its intent is to provide redundancy in the event a security control fails, or a vulnerability is exploited.

An effective data backup strategy, IT security planning, investing in security technologies, and implementing security awareness training, are all essential components of a defense-in-depth strategy.

Building a comprehensive data protection strategy is the key to success and investing in both antivirus and backup technology is an integral component. While antivirus is your first layer of defense against cyberattacks, a reliable cloud backup and restore solution will ensure business continuity if an attack does occur.

But, given today’s sophisticated threat landscape, investing in advanced endpoint security for securing corporate networks and predictive threat intelligence to gain a better visibility on your security posture have also become imperative.

However, keep in mind that focusing on technology alone to address cybersecurity challenges isn’t enough. Such investments won’t be fruitful unless you take proactive steps to keep your staff up to date on the latest threat vectors.

As the need for better cybersecurity will only grow, Carbonite and Webroot are creating the most comprehensive online security and coming together to provide a unique offering for endpoint protection. Together, we have the ability to fight cybercrime and protect users from the loss of priceless or business-critical data. 



Mekhala Roy

Mekhala Roy is a writer on the Corporate Marketing team at Carbonite. A former journalist, she blogs about Carbonite happenings and cybersecurity.

Related content