The last several years have been especially difficult for businesses when it comes to cybersecurity.
Facing new vulnerabilities brought on in large part by remote work arrangements, there was a 38% global increase in cyberattacks between 2021 and 2022, with a growing focus on small businesses and healthcare organizations. U.S. businesses were hit especially hard, seeing a 57% overall increase in attacks over the same period.
We partnered with Pollfish to survey 600 small business owners and cybersecurity specialists to learn how small businesses should be protecting their businesses from the increased attention of cybercriminals, and here’s what we found.
SMBs should prioritize prevention-focused cybersecurity strategies
The sheer volume of cyberattacks being executed across all industries have some owners focusing their cybersecurity strategies around risk mitigation and disaster recovery following detection of an attack.
Approaching cybersecurity in this way assumes that an attack is inevitable and cannot be avoided. But our survey results paint a different picture.
52.5% of SMBs have never been the subject of a successful cyberattack
While a little over half of small business owners surveyed say that they have not been a victim of a cyberattack, our survey reveals that small business owners and entrepreneurs should still be concerned.
In fact, we found that 20% of owners are unsure whether their business has ever been victim to a cyberattack, with the remaining respondents stating that they had actually suffered a cyberattack.
Looking beyond the survey data, we uncovered that the three industries most targeted by cyberattacks in 2022 were the education and research sector, government and military entities, and the healthcare sector.
The healthcare industry suffered the brunt of threat actors’ focus between 2021 to 2022, with businesses seeing the number of attacks over the year increase by sixty percent.
The last several years have been especially difficult for businesses when it comes to cybersecurity.
Facing new vulnerabilities brought on in large part by remote work arrangements, there was a 38% global increase in cyberattacks between 2021 and 2022, with a growing focus on small businesses and healthcare organizations. U.S. businesses were hit especially hard, seeing a 57% overall increase in attacks over the same period.
We partnered with Pollfish to survey 600 small business owners and cybersecurity specialists to learn how small businesses should be protecting their businesses from the increased attention of cybercriminals, and here’s what we found.
SMBs should prioritize prevention-focused cybersecurity strategies
The sheer volume of cyberattacks being executed across all industries have some owners focusing their cybersecurity strategies around risk mitigation and disaster recovery following detection of an attack.
Approaching cybersecurity in this way assumes that an attack is inevitable and cannot be avoided. But our survey results paint a different picture.
52.5% of SMBs have never been the subject of a successful cyberattack
While a little over half of small business owners surveyed say that they have not been a victim of a cyberattack, our survey reveals that small business owners and entrepreneurs should still be concerned.
In fact, we found that 20% of owners are unsure whether their business has ever been victim to a cyberattack, with the remaining respondents stating that they had actually suffered a cyberattack.
Looking beyond the survey data, we uncovered that the three industries most targeted by cyberattacks in 2022 were the education and research sector, government and military entities, and the healthcare sector.
The healthcare industry suffered the brunt of threat actors’ focus between 2021 to 2022, with businesses seeing the number of attacks over the year increase by sixty percent.
In 2022, cybercriminals found great success leveraging three specific tactics:
- Phishing and malware attacks over apps on mobile devices and smartphones, social media platforms, or through email
- Social engineering efforts to gain credentials to targeted networks by manipulating and misleading users with privileges to navigate those networks
- Ransomware attacks that install software on workstations, lock down target data, and create irretrievable data loss unless a ransom is paid to the attacker
In most cases, these types of attacks are preventable. But they often succeed due to a lack of training, poor discipline in adhering to security procedures, and/or inadequately implemented cybersecurity tools.
Successful cybersecurity efforts leverage specific features from software or service providers
In order to minimize the impact of human error on the success of cyberattacks, there is a growing reliance upon software and technology to shore up the ever-widening areas of vulnerability in corporate networks.
We tasked Pollfish with exploring which features SMBs require when incorporating cybersecurity software into their overall cybersecurity strategy, and found that the most sought-after features aligned largely with the most frequent types of attacks.
Password protection and management is the cybersecurity feature SMBs want most in a cybersecurity solution
Regardless of which failure point a cyberattack ends up exploiting, 80% of data breaches and attacks are predicated on the attacker having gained unauthorized access to those systems by stealing or otherwise obtaining user credentials.
This makes secure passwords an invaluable commodity, and therefore passwords should be protected by the strictest protocols possible.
Research reveals, however, that most businesses still allow users to manage their own passwords, and user habits around the creation of secure passwords are neither consistent nor in line with cybersecurity best practices.
This inconsistency and poor adherence to best practices can be partially attributed to the sheer number of logins and passwords we are forced to keep track of in our professional and personal lives.
Depending on the industry you work in and which tools you use outside of work, you’re likely juggling as many as 70-80 passwords, if not more.
Rather than relying on users and their poor password management or trusting authentication to Open Authorization (OAuth 2.0) through platforms such as Facebook and Google, businesses and individual users alike are turning to password managers and password protection tools.
With a single sign-on service provider such as Okta, JumpCloud, or OneLogin, users establish a secure and complex platform for the service, which in turn can generate extremely secure passwords, store passwords securely, and even provide multi-factor authentication.
While highly sought after, it’s important to remember these platforms are susceptible to attack themselves, as evidenced by the recent attack on LastPass, where attackers were able to obtain a backup of customer vault data through illicitly obtained employee credentials.
Multi-platform protection is the second most important cybersecurity feature among SMBs
Before quarantine lockdown requirements induced many businesses to embrace remote and hybrid work arrangements, it was somewhat easier for IT professionals and business owners to secure their networks.
The fact that more teams are now working remotely or in hybrid arrangements means that employees are working across an array of company-issued and personal devices utilizing multiple operating systems that include Microsoft Windows, MacOS, and Linux systems, as well as mobile operating systems such as Android and iOS.
This diverse digital work environment demands cybersecurity tools that are capable of integrating with—and protecting software from—a multitude of developers.
Because of the sheer volume of exploits and vulnerabilities being discovered daily that can leave systems exposed to attack, multi-platform cybersecurity products must be able to monitor and track updates across multiple products and software platforms, and be easily updated in order to best protect corporate digital assets.
Data storage and encryption services are the third most sought after feature by SMBs
In 2021, cybersecurity researchers discovered at least 623.3 million unique ransomware attacks, a full 105% increase over such attacks in 2020.
Increased government intervention and general professional awareness have led to some relief for businesses, bringing ransomware attacks down by 23% in 2022 versus 2021. But these attacks remain among the most damaging for businesses, as threat actors have evolved from committing simple extortion to also profiting from the sale of stolen data.
In the event that targets don’t pay or the attacker has no intention of restoring access to the encrypted stolen data even if paid, victims of ransomware often find that their live databases are destroyed beyond recovery.
The growing importance of client data protection combined with the frequency of attacks focused on gaining permission to access private client data have resulted in SMBs protecting against ransomware attacks with robust data storage and backup services.
Encryption services are also crucial in protecting data as it moves between systems, as this is when data is the most vulnerable. Cybersecurity software tools should, by default, encrypt and protect data whether it’s moving from an on-premise network or toward a cloud-based platform.
The method of encryption a company needs in their security solution will depend upon the type of sensitive information being protected and the types of systems it is moving between. So teams should do their due diligence to determine how best to encrypt and protect sensitive data, especially if there are industry-specific compliance and regulatory requirements in play.
Which cybersecurity software do SMBs prefer?
With the data revealing the most sought after features SMBs will be prioritizing in their technology stacks in the coming year, our Pollfish survey also explored which software solutions best met the demands of respondents.
It’s important to make it clear that when it comes to cybersecurity software, tools, and platforms, experts in the field will be the first to tell you that more spending and more software does not necessarily ensure your systems remain perfectly protected.
However, they will suggest that you use the software tools that best meet your needs and ensure that you’ve built out your cybersecurity plan using a defense-in-depth approach that provides multiple layers of protection across the breadth of your network and digital assets.
Respondents ranked McAfee and Norton both the top cybersecurity software and the worst cybersecurity software on the market
The McAfee Total Protection tool just edged out Norton 360 Deluxe with our respondents, but had a higher negative rating with our respondents as well.
Launched originally over 30 years ago, McAfee’s classic antivirus software, malware, and spyware protection tools have expanded to offer up a wide array of cybersecurity tools, including network attack protection, ransomware protection, access to a virtual private network (VPN), and password management.
According to several side-by-side assessments, the Norton 360 Deluxe tool outperforms McAfee on several fronts, including providing users with a highly configurable smart firewall, vital PC cloud backup services, and banking and payment protection.
Norton’s tool also puts less stress on the systems it’s used to protect and provides faster results. With the inclusion of backup services, Norton handily offers its users the top three features required by our respondents of security software.
SMBs rank Wireshark and Webroot amongst “worst” tools for cybersecurity
Of the tools ranked lowest by our respondents, it’s interesting that two have fairly strong reputations in cybersecurity for specific use-cases.
Wireshark is a free, open source network monitoring and troubleshooting tool heavily leveraged by penetration testers and digital forensics specialists. It’s usable across multiple platforms and considered an industry standard with a strong supportive community.
For the average SMB owner without the experience or understanding of how to use the tool to monitor their network traffic in both real-time and following an incident, the significant learning curve and special-use case make it understandable why it’s not as appreciated outside of the niche of professionals who use it for a narrow array of cybersecurity tasks.
Similarly, Webroot provides users with a powerful cloud-based endpoint protection service without having to invest in bloated and costly software. Because cloud-native endpoint security measures are deployed to protect remote systems, users have the advantage of improving protection for remote workers with software that is lighter and more agile, but provides results on par with industry leading solutions such as McAfee.
Despite its solid threat detection and malware prevention, as well as its versatile network management tools, Webroot isn’t as widely tested or supported in the cybersecurity research community. It has also performed inconsistently when it comes to protecting against ransom attack tests, and its firewall isn’t as robust as other comparable products.
Cybersecurity software versus cybersecurity service providers for businesses
With 76% of our SMB respondents agreeing that a business should employ cybersecurity protection in the form of either a software or a managed service provider, it’s clear that the activity of malicious black hat hackers and threat actors over the last several years has made an impression on business owners.
The conversation around cybersecurity has shifted in the last few years from detecting and responding to attacks towards risk mitigation and network defense measures. At the very least, these efforts have the potential to deter malicious attackers who would rather seek out more vulnerable, low-hanging targets.
45% of businesses use a SMB cybersecurity provider instead of, or in addition to, cybersecurity software
Cybersecurity providers have a deep knowledge of cyber threat intelligence. These security agencies are hired to assess and track the activity and probability of cybersecurity threats and security risks, much as you would hire a private security firm to protect and secure your physical property.
While budget limitations can be a challenge for new startups and SMBs, our survey results showed that 45% of respondents absorb the additional costs of outsourcing their network security to a managed service provider in lieu of—or in addition to—maintaining cybersecurity software.
For 42% of our respondents, one or the other isn’t sufficient enough protection, and the advice they give to other SMB owners is that they should, in fact, maintain both a major software and the managed services of a cybersecurity company.
This willingness to bring in outside assistance is often a necessity for small businesses who have neither the revenue to hire, nor the existing skilled staff on hand, to manage the highly technical and complex requirements of network maintenance and security.
Cybersecurity providers come to the table with the expertise, experience, and knowledge of how to configure cybersecurity software and properly monitor and protect the networks of their clients. These professionals also understand how to execute cybersecurity audits of their clients’ systems, as well as craft and execute an effective incident response plan and steps for vulnerability assessment and remediation in the event of a successful cyberattack.
Build a robust cybersecurity strategy with the end-user in mind
Threat actors are following the lead of traditional software developers by increasingly leveraging the power of machine learning and artificial intelligence in the tools they’ve leveled at their targets internationally.
It’s crucial that you use all of the resources available, from powerful cybersecurity software focused on intrusion prevention to the managed services provided by a cybersecurity-focused agency, in order to protect sensitive client data.
If your experienced team needs to learn more about cybersecurity tools and tactics, they can explore our expert cybersecurity content. Need a bit more to train your staff and secure your company’s data? Connect with a cybersecurity consultant in our network and get the guidance you need to ensure you’re protected.
UpCity’s Survey Method
UpCity used Pollfish to survey 600 U.S. small business owners and employees who use cybersecurity software.
Fifty-two percent of the respondents are male and forty-eight percent are female. A majority of male respondents are 35-44 years old (36%) and a majority of female respondents are also 35-44 years old (33%).