If you haven’t heard, cyberattacks are a big problem. They’re an even bigger problem for small companies. Why is that? Two reasons. First, because there are a lot of them and second, because they aren’t very well prepared.
Small and mid-size businesses (SMB) are the target of cyber-attacks quite often. “According to the Verizon 2019 Data Breach Incident Report (DBIR), 58% of SMBs experienced a cyber incident in 2018.”
SMBs are heavily targeted by cybercriminals because their cyber defenses aren’t very good. Their cyber defenses aren’t very good because they just don’t have the resources: staff or money. According to an article on the Security Week website, a new survey from Untangle querying 300 SMBs “found that 29% of these companies have an annual security budget of less than $1,000 per year. Fifty-two percent have no dedicated security professional on staff.“
A $1000 per year and no security staff—that’s pretty lean. Common wisdom holds that you can’t do much security-wise with those constraints. The article confirms that belief. “With such low security budgets, there is little room to improve security through security products.” Maybe common wisdom is wrong on this point.
So, what should an SMB do with little security budget and no dedicated security staff? In other words, what’s the biggest security bang for the buck? Well, they should start by recognizing the source of most cyber security problems and see if they can defend against that.
What we do know is that somewhere between 91% and 93% of all cybercrimes and cyber-attacks start with a phishing email. So, if they can stop phishing attacks, a lot of SMB’s cyber headaches go away. And what does it take to stop phishing attacks? Less than you think.
SMBs don’t have the money to purchase endpoint hardware and software security products to stop phishing attacks, nor do they have the staff to install, configure and manage it even if they did. The good news for SMBs is that there is an alternative.
Cloud-based email security service is the perfect solution for SMBs. There’s no upfront investment in hardware and software and no dedicated staff needed to get it up and running. More importantly, cloud-based email security is “fire and forget.” Once implemented, SMBs don’t have to give it another thought. It just works. No maintenance, no patching, no nothing. That’s exactly what time-strapped SMBs need.
Cloud-based email security must be expensive then. Not really. DuoCircle offers cloud-based phishing protection, with real-time link click protection, for about 30₵ per employee per month. For a company with 500 employees, that’s well under the $1000 per month limitation.
Cyber-attacks are a problem. And SMBs are money and staff limited. But most cyber-attacks start with a phishing attack and SMBs can stop phishing attacks with little money and no dedicated security staff. It’s time for SMBs to stop listening to common wisdom and protect their companies.