According to Devolutions, despite advances in IT security measures, small and medium-sized businesses continue to be targeted by cybercriminals.
Ransomware payments and IoT malware incidents skyrocket
A surge in incidents such as ransomware payments and IoT malware attacks indicates this is a particularly challenging year. With technology, and AI in particular, acting both as a tool and as a potential threat, risks are higher than ever, highlighting the need to devote more resources to IT security and remain vigilant.
In 2023 alone, nearly 43% of all cyberattacks will be directed at small and medium-sized businesses, with the financial impact ranging from $120,000 to $124 per episode, depending on multiple factors such as the amount of records compromised. Ranging from $1,000,000.
Devolutions CEO david harview “Our findings align well with National Cybersecurity Awareness Month in October. One of the primary objectives of this report is to expand awareness of the vulnerabilities faced by many small and medium-sized businesses. It’s not just about presenting statistics, it’s about truly educating the industry about the various pitfalls, and how small businesses can use the findings to identify gaps, develop strategies, and It’s about being able to make informed decisions about your company’s cybersecurity posture. ”
When asked about the use of AI, 56% of respondents said they were very or very confident in its security. However, Devolutions cautions against becoming too complacent about the security risks associated with AI.
According to Devolutions CISO Martin Lemay“AI is an exciting technology, but it relies on vast amounts of data and can be misused. Therefore, it is essential to have good governance and strict data laws in place to prevent misuse.” is.”
Small businesses urged to strengthen defenses against cyberattacks
It’s not just AI that small businesses are overconfident about. Almost 80% of respondents believe they are generally well-protected against cyber threats, but they do not actually use important security tools such as password managers, two-factor authentication, and cybersecurity training. He was less than 60%.
Various factors contribute to this disconnect between perception and reality. This includes the tendency to underestimate the evolving complexity of increasingly sophisticated cyberattacks. End users are generally considered the weakest element in the cybersecurity equation, so employee actions and lack of proper cybersecurity training can further weaken your defense infrastructure.
The survey reveals that adoption of privileged access management (PAM) solutions has increased by 8% since last year, with 95% recognizing the importance of implementing a PAM solution, but the flip side of that is: , 35% of respondents reported negative experiences with PAM solutions. His PAM solution for the company.
This dissatisfaction may indicate implementation challenges, an overly complex solution, or a lack of training. These findings highlight the importance of small and medium-sized businesses using the right PAM solution tailored to their needs, rather than complex PAM solutions designed for large enterprises.
A positive takeaway from the survey data is that budget allocations for cybersecurity are increasing, with 51% of respondents meeting the recommended spending amount and 86% spending internally or externally, such as MSPs and MSSPs. We employ cybersecurity expertise through consultants.
LeMay summarizes: “We are in the era of the digital west, full of threats. Small and medium-sized businesses need to develop defensive capabilities to protect their interests and all stakeholders from predictable cyber-attack opportunities. Whether this capability is developed in-house or outsourced, cybersecurity expertise is critical to the future health and well-being of small businesses.”