Analysys Mason, a global technology analyst firm, announces the findings of its global study into cyber security buying and adoption trends in small and medium-sized businesses (SMBs) worldwide. The study of 3000 companies in ten countries across North America, Western Europe, the Middle East, Africa and Asia–Pacific identified that SMBs often struggle to find adequate security solutions and lack in-depth security knowledge.
Analysys Mason values the worldwide cyber-security market for SMBs at USD50 billion, with 13% annual growth over the next 5 years. Its industry research indicates that there is significant potential for further growth, and for security vendors and service providers to address the market opportunity more effectively.
Cyber-security service providers
Security incidents affect small and medium-sized businesses disproportionately"
“Security incidents affect small and medium-sized businesses disproportionately, compared to larger businesses,” said Tom Rebbeck, Research Director, Analysys Mason. “Cyber-security service providers need to do more to demonstrate the impact of these threats on the SMB community and the cost of an incident. SMBs worldwide depend on the IT security community to protect their businesses.”
“Analysys Mason’s research shows that even where SMBs feel protected, often they are not. SMBs need better guidance to make up for their lack of specialist skills and to understand which solutions they should invest in.” The survey reveals that most companies use basic IT security – such as anti-virus (97%) and email security (87%) – but there are serious gaps in security processes and SMBs need urgent industry help.
80% of survey respondents believe that they are well-protected, however 62% of SMBs do not regularly conduct any IT security assessments and 57% do not update their security software. These results highlight SMBs’ security vulnerabilities, a lack of specialist knowledge and the need for additional security products.
When asked for the top-three factors that will most affect their cyber-security plans over the next 12–18 months:
- 44% of SMBs cited protecting customer privacy and data will have the most impact on their plans
- 40% cited business continuity
- 32% believe that protecting physical assets and infrastructure will be one of their main considerations.
The survey also revealed a lack of knowledge about cyber-security processes and solutionsThe survey also revealed a lack of knowledge about cyber-security processes and solutions, which vendors and service providers will need to address. 20% of SMBs worldwide say that they do not understand their security products and a similar percentage do not feel well-protected. Both figures probably understate the problems that SMBs have with security.
Providing optimal solutions
In the USA and the UK, over 10% of SMBs said that they have challenges implementing effective cyber-security capabilities because the solutions are too complex and there is a lack of guidance (13%), suppliers are unable to provide optimal solutions (12%) and prices are a barrier (15%). Furthermore, 22% of SMBs in the USA and the UK said that they lack awareness of many of the vendors and their products.
These findings demonstrate that security vendors need to do more to simplify their solutions so that SMBs can more easily identify, purchase and manage them. Telecoms operators have a clear opportunity to offer cyber-security solutions. Our results show that businesses that are satisfied with their current operators’ services are more likely to also buy cyber-security solutions from them. Analysys Mason is launching its new cyber-security research programme, which targets security vendors, operators and managed service providers.