While small to medium businesses (SMBs) understand the need to invest in technology to support growth in the world of hybrid working, many fail to prioritise security, a new survey from cybersecurity solutions provider, Check Point Software, conducted by research firm, Analysys Mason has shown.

The survey highlights that most organisations including SMBs have embraced cloud, mobile, and SaaS technologies in recent years. Compared with pre-pandemic levels, there has been an increase in IT spending to drive business growth.

SMBs have accepted that the hybrid work model is here to stay and therefore have increased their investment in communication technologies and services to support remote workers. With remote workers using home and office access points, the attack surface has expanded thereby increasing the risk of cyberattacks.

Given the global cybersecurity skills shortage, SMBs are struggling to secure critical assets, making them a growing target for cybercriminals. Larger enterprises usually have bigger IT budgets and security resources, so they can recover more easily from a cyberattack.  For SMBs, a cyberattack can be fatal to their business. The survey found that two of the biggest impacts that cyberattacks have on SMBs include lost revenue (28%) and loss of customer trust (16%).

Less than one-quarter (22%) of respondents felt they were extremely well protected against cyberattacks, and only a minority have internal security specialists or are working with a third party. This means that many SMBs either have no security products in place or these products are managed by non-specialist staff. While there is a significant rise in the number of SMBs working with Managed Service Providers (MSPs) to help address IT issues, around a third of respondents noted they would like additional help from their MSP in upgrading security.

Security vendor solutions priced beyond their budgets was identified as a key challenge to having effective cybersecurity capabilities. Something has to change, to enable SMBs to take a longer-term view of the value of cybersecurity so that they can invest today to protect their growth tomorrow.

SMBs are expecting 40% of their employees to continue working remotely for at least some of the time. The highest priority is to ensure that IT can be managed and supported remotely, validated by additional laptop purchases and increased VPN capacity. However, the survey also shows that the take up rate of even basic security products is low. The most adopted service, endpoint protection, is only used by 67% of respondents and less than half have any form of mobile security.

Check Point Software vice president of product management, Eyal Manor said, “It is reassuring that SMBs have increased their investment in cybersecurity to support business growth and the new hybrid work model, but having the correct mix of security products is only part of an effective strategy. Because there is a shortage of cyber security workers for SMBs, they require security solutions that deliver proven threat prevention, are extremely simple to deploy and manage, and offer the flexibility of an ‘all-in-one’ solution that combines security and internet connectivity.”