More than six in 10 small- to medium-sized businesses (SMBs) have been hit by a cyberattack in the last year, BlackFog, a provider of on-device data privacy, data security and ransomware prevention capabilities, said in a newly released report.
BlackFog’s body of research, which contained data from surveying 400 IT decision makers at SMBs in the United States and United Kingdom, showed the importance of engaging with cybersecurity specialists to meet security challenges, the company said.
The MSSP/MSP Perspective
The volume of ransomware attacks on SMBs and the impact of business operations makes for an opportunity for managed security service providers (MSSPs) and managed service providers (MSPs) to support and advise their customers, Black Fog asserts.
According to the study’s findings, the opinions of providers or channel partners were valued more highly than that of peers by decision-makers. In fact, about 25% of respondents rated providers and partners as the most highly trusted compared with colleagues in their company (21%), analysts (16%) and peers within other organizations (10%).
Among the key findings on partnerships with external providers, the research also revealed:
- 69% stated they were more likely to ask their partner for advice on new cybersecurity solutions compared to last year.
- 41% of respondents stated that knowledge of cyberthreats was the biggest challenge in effective protection, pointing out how service providers and partners have a vital role to play in providing access to information and expertise.
- 87% of respondents believe that their IT providers were focused on understanding their cybersecurity challenges. However, only 39% of respondents felt they understood all their challenges.
- High-security standards are expected from partners, with more than a third of respondents (38%) stating this was the main determining factor when choosing a managed security provider.
Dr. Darren Williams, BlackFog founder and chief executive, explained how there is a “huge opportunity” for solution providers and partners to build new relationships in this market.
“Now, more than ever, as a trusted partner, MSPs have an important responsibility to ensure their client’s data is protected from extortion. Existing defensive-based approaches are no longer enough for today's polymorphic attacks, leveraging data exfiltration as the main weapon of choice.”
Cyberattacks as Repeating Occurrences
In addition to an initial attack, SMBs are also being victimized by repeat hijackings, with nearly nine in 10 assaulted by two or more successful ambushes in the last 12 months, the research found. On average, organizations saw roughly five successful data breaches, malware or ransomware attacks affecting their network, the report said.
For SMBs, the main impact of an attack was business downtime, which affected 58% of respondents. The successful attacks also negatively impacted customer trust and retention. One third of all respondents reported that the incidents resulted in the loss of customers. Nearly 40% reported that their data had been lost.
In commenting on all manner of malware hitting SMBs, Williams said smaller businesses are “under fire” on all fronts:
"Cybercriminals naturally gravitate towards targeting organizations with the lowest level of protection and this typically means small to medium businesses come under fire. With 89% of all attacks involving some form of data exfiltration, it is paramount for organizations to prioritize the protection of their most valuable business critical asset, their data."