• SIMPLIFY. EXPAND. GROW.

    SIMPLIFY. EXPAND. GROW.

    #SMB #MIDMARKET #UPPER MID-MARKET #CHANNEL
    LEARN MORE
  • HYBRID WORK IS HERE TO STAY?

    HYBRID WORK IS HERE TO STAY?

    NOT SO FAST SAYS THE DATA
    ANALYSIS
  • NEXT CHANNEL - THE FUTURE OF PARTNER ECOSYSTEM

    NEXT CHANNEL - THE FUTURE OF PARTNER ECOSYSTEM

    Networked, Engaged, Extended, Hybrid
    DOWNLOAD NOW
  • FEATURED INFOGRAPHIC

    FEATURED INFOGRAPHIC

    2021 Top 10 SMB Business Issues, IT Priorities, IT Challenges
    GET IT NOW
  • BUYERS JOURNEY

    BUYERS JOURNEY

    Influence map & care-abouts
    LEARN MORE
  • DIGITAL TRANSFORMATION

    DIGITAL TRANSFORMATION

    Delivering Connected Business
    LEARN MORE
  • SECURITY RESEARCH

    SECURITY RESEARCH

    SMB & Midmarket Security Adoption Trends
    LATEST RESEARCH
  • MANAGED SERVICES RESEARCH

    MANAGED SERVICES RESEARCH

    US SMB & Midmarket Managed Services Adoption
    LEARN MORE
  • CLOUD RESEARCH

    CLOUD RESEARCH

    SMB & Midmarket Cloud Adoption
    LATEST RESEARCH
  • CHANNEL PARTNERS

    CHANNEL PARTNERS

    Transformation or Consolidation
    LATEST RESEARCH
  • ANALYTICS & ARTIFICIAL INTELLIGENCE

    ANALYTICS & ARTIFICIAL INTELLIGENCE

    SMB & Midmarket Analytics & Artificial Intelligence Adoption
    LEARN MORE
  • 2021 SMB & MIDMARKET PREDICTIONS

    2021 SMB & MIDMARKET PREDICTIONS

    Top 10 SMB & Midmarket Predictions for 2021
    READ NOW
  • WHITE PAPER

    WHITE PAPER

    SMB Path to Digitalization - Prologue and Epilogue
    DOWNLOAD
  • COVID-19 IMPACT

    COVID-19 IMPACT

    on SMB IT Spend Growth Rates
    FULL ANALYSIS
  • SAAS RESEARCH

    SAAS RESEARCH

    US SMB & Midmarket SaaS Adoption
    LEARN MORE
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15

Techaisle Blog

Insightful research, flexible data, and deep analysis by a global SMB IT Market Research and Industry Analyst organization dedicated to tracking the Future of SMBs and Channels.

Continuously improving IT security is both an SMB challenge and a USD68B opportunity for suppliers

Small and midsized businesses find it challenging to defend their users, applications, and data against external threats. Data from Techaisle’s SMB and Midmarket security research reveals 63% of US SMBs report that they experienced one or more cyberattacks in the last year, contributing to an average of 3.6% of revenue loss attributable to security incidents. For 46% of SMBs, preventing cyber-attacks is one the most pressing and critical IT issues. Yet, 59% of SMBs are very confident that their firms could recover from a cybersecurity incident. Nevertheless, security issues cast a long shadow over SMB IT priorities, especially as firms embrace the benefits of hybrid work, hybrid IT, only to find that their environments become more complex and more challenging to manage and protect. SMBs respond by expanding security budgets – but they lack the staff and expertise to construct effective shields around their organizations. The channel, working with leading-edge products like those from Fortinet, Cisco, Dell Technologies, Palo Alto Networks, has an essential role to play in defending their clients’ SMB businesses against security threats.

The origins of the saying “it’s about the journey, not the destination” may be unclear. Ralph Waldo Emerson, theologian Lynn H. Hough, Canadian rapper Drake, or others may have said the phrase, but its applicability in an IT security context is clear. There is no endpoint at which security is ‘done’; security requires constant updating to stay current with expanding threat vectors.

This requirement for continuously improved IT security is both a challenge and an opportunity for security suppliers.

What is the opportunity?

Techaisle has pegged global SMB security spending in 2023 at $68 billion. However, high IT security spending levels and growth rates mask an underlying sense of confusion concerning safeguarding emerging cloud and hybrid IT environments – and a lack of resources to address this problem. Compounding – or perhaps, causing – the lack of clarity into cloud security issues and the relatively tepid adoption rates for cloud security solutions is that SMB IT operations are under-resourced. Without specialized staff, SMBs cannot keep pace with the constantly changing threat vectors and security options.

The lack of insight by small businesses becomes clear: only 5% have IT security staff. 44% of midmarket firms have an average of three full-time internal security staff, but the demands of a business of this size would exceed a single individual’s bandwidth. The percentages more than double for upper-midmarket firms. Simply put, SMBs lack the bench depth needed to dedicate IT resources to security. Everywhere within the SMB segment, there is a mismatch between available resources and the depth of the skills required to keep pace with security needs.

The lack of understanding of a threat associated with a widely-used platform on the one hand, and the lack of IT staff resources available to address security concerns on the other, produces a clear conclusion: SMBs need suppliers to step up to the delivery of secure IT environments.

In many cases, these suppliers will be the mainstream channel partners who supply the SMB’s technology and act as the IT management presence within the SMB’s business. In other cases, including in many midmarket environments, the source of security products and services will be specialized managed security providers who focus tightly on operating SOCs and protecting client environments. In some scenarios, firms will ‘land’ by entering a client account from one of these positions and then ‘expand’ to serve a broader range of IT supply needs – crowding out competitors who can’t address the risk and compliance issues that are central to the CEO’s mandate.

What is the security supplier call to action?

As security suppliers move towards managing SMB security needs, they need to address the pace at which their clients absorb new offerings. Small businesses will not embrace eight new technologies, nor are midmarket firms going to integrate fourteen new solutions into their environments. Even if this were possible from a budget perspective, it would cause chaos in the business.

Instead, suppliers of security services need to co-create a security roadmap with their SMB, which starts with assessing the customers’ executive teams’ tolerance for risk. What absolutely must be secured, and in what order? The security supplier can then identify the solutions that best fit the customer’s immediate and longer-term needs and then deploy, integrate and manage the solutions over time. After all, data shows that 45% of SMBs feel it will be beneficial for them if an external services firm can help define and implementing security policies.

One key point of exposure in this process is the ability to ensure that different solutions work together. In the cloud world, and increasingly in the on-premise world as well, channel partners and MSPs focus on integrations: the breadth of a single vendor’s product line, plus – and importantly – the extent to which third parties develop and support links to a firm’s products.

There will be no slowdown in the digital transformation of SMBs; their business infrastructure will increasingly rely on technology. Likewise, there will be no slowdown in the threats to that infrastructure; as reliance on technology increases, so does the potential bounty for attackers. And as a result, there will be a continuous and growing need for IT security services – which will sustain firms adept at delivering and managing security solutions that combine expertise and industry-leading technology.

  0 Comments

Cisco Meraki masterfully enabling digital workplaces for SMBs

New work patterns and acceleration of distributed workplaces are resulting in a range of productivity benefits for SMBs today. As such, businesses see increased workforce efficiencies and talent recruitment while minimizing cost by reducing intermediaries and integration of contract professionals – and even improved environmental performance through reduced commuting and building footprints.

In the quest to deploy a perfect hybrid workplace technology infrastructure, SMBs often overlook networking – wireless, routers, firewalls, and beyond. Similarly, as small business retailers and other small commercial offices struggle with re-opening uncertainties, they are also grappling with the daunting task of enabling secure and safe environments for their employees and customers. Digitization with minimum IT disruption and low manageability is on their minds.

Cash flow constraints, limited access to finances, competitive landscapes, need for innovation, erratic revenue, uncertainties, the pace of technology change, and many more are drivers for achieving cost efficiencies within SMBs. Digital transformation is no longer the domain of only upper midmarket firms and enterprises. Techaisle's SMB and Midmarket Digital transformation survey research shows that 46% of SMBs are adopting digital transformation to reduce costs, and 38% are planning for innovation in customer engagement and services.

Helping SMBs thrive with robust IT solutions

Unbeknownst to many, the Cisco Meraki platform and the solutions that it powers is a critical foundational technology to fast-forward digital transformation for SMBs. Much of this comes from its ease of use, simplicity, and flexibility for lean IT to innovate by doing more with less.

Cisco acquired Meraki in 2012, around the same time (2013) when it divested Linksys to Belkin. Over the years, Cisco has continued to innovate on its highly successful Meraki platform. It is no secret that Cisco Meraki invented cloud-managed networking technology in 2006 and has continued to innovate and expand the networking portfolio to IoT solutions and cover any business need or use case. The Meraki platform consists of switching, security & SD-WAN, wireless access points, mobile device management, and now extending to IoT, including smart cameras and AI-equipped sensors to drive business intelligence.

When it comes to deep intelligence and analytics, Meraki Health and Meraki Insight allow SMBs to monitor all aspects of their network and applications from the Meraki dashboard or API and easily detect and fix potential issues in minutes. Techaisle's survey research shows that only 4% of small businesses have internal full-time IT staff. They spend 79% of their time on support, maintenance, and troubleshooting—creating not only an IT efficiency deficit but also negatively impacting organizational productivity. Meraki Health's objective is to make troubleshooting simple for the lean, almost non-existent, or over-burdened small business owner/manager. Ultimately, small businesses need to propel growth and enable new business initiatives freeing up time and resources.

To ease the digital transformation, Meraki provides many capabilities that protect SMBs of any size, including:

  • Preventing cyber-attacks: Meraki MX Security & SD-WAN appliances protect SMB business, users, and devices. Meraki security has the backing of Cisco Talos, one of the largest commercial threat intelligence teams globally.
  • Deploying remote workers: Meraki Z3 teleworker gateways provide connectivity and secure and seamless in-office experiences. Meraki Insight delivers deep visibility into critical business applications and proactive troubleshooting for remote workers.
  • Ensuring safe occupancy: Meraki MV smart cameras lets SMBs maintain social distancing guidelines by remotely monitoring and tracking safe occupancy levels in physical environments through intelligent analytics, such as object detection and tracking.
  • Cost savings from simplicity: All Meraki products are deployed and controlled from a single pane of glass. Meraki Health is available for all devices, saving a lot of troubleshooting time by pinpointing specific problematic devices and clients via root cause analysis.

SMBs agree that Meraki solutions can be quickly deployed with zero-touch provisioning and configuration and remotely managed through a cloud-based GUI dashboard (single pane of glass), with all-inclusive licensing. Meraki provides 24/7 technical support (email or phone) and a lifetime warranty on devices (except cameras & outdoor APs) with advanced replacement.

Challenges in small business security

Techaisle's SMB security survey research data shows that security is a top IT priority and challenge for 76% of SMBs, and 65% are planning to increase IT security investments. Within the SMB segment, small businesses often lack the skills required to work with software-based security solutions and tend to be 25%-33% less likely than midmarket firms to work with managed service providers.
Most small businesses are not proactive in addressing security issues, but that may not be the whole problem, or perhaps even the greatest obstacle to small business adoption of security technology. Relative to midmarket firms, small businesses have limited to no internal IT security staff, are not generally working with a managed service provider capable of handling security needs, and are about 50% less likely to embrace external vendors' software-based security solutions.

While small businesses could theoretically pursue some strategies used by larger competitors, they lack the experience and skills needed to identify, deploy, and manage the products and relationships used to develop shields protecting valuable corporate data, applications, and human assets.

Meraki addresses these issues by providing a secure in-office experience to remote workers—giving access to applications while maintaining visibility and control from anywhere with a cloud-managed dashboard. It also encrypts data with Auto VPN, allowing employees to quickly, securely, and remotely connect to corporate locations.

Meraki smart cameras also address physical security, remote monitoring, and intelligence by including on-device storage and flexibility to access the data through the cloud. The cameras allow for a significant amount of playback features with machine learning and AI to compress the data and provide business intelligence instantly gleaned from long recordings. It is an ideal product for SMBs implementing social distancing guidelines, remotely monitoring physical spaces, reducing in-person exposure on-site, and ensuring comprehensive security.

How SMBs can adapt and digitize

As I said earlier, there is increasing importance for innovation and digitization (not referring strictly to the substitution of digital records for physical documents, but more broadly to the use of digital technologies to meet business goals) in SMB strategy. A combination of increased reliance on technology as a critical element of business success, burgeoning complexity, and cost constraint has created a perfect storm for small businesses to adapt to their changing environments using specifically designed technology.

Over the last few months, we studied use cases and Meraki's usefulness within the SMB segment. Meraki addresses real and compelling issues, and I believe it will continue to expand within the SMB community. Verticals such as healthcare, manufacturing, retail, and financial services have been quick adopters of Meraki, specifically, for launching new business models, deploying remote workers, transitioning to hybrid workplaces, cybersecurity, location analysis, contact tracing, social distancing, personal safety, curbside pickup, and more.

SMB owners and executives are concerned with issues that extend beyond technology. Yet, today's business environments are increasingly dependent on IT support, products, and services that improve productivity and efficiency or expand market reach and potential.

IT initiatives that can be linked meaningfully to broader business objectives can attract SMB executive support – meaning that products and services that address key business priorities have the most significant growth potential. Meraki is well on its way.

The future of IT

Today's economy demands that technology support SMB activities. The future will be defined by them capitalizing on technology-enabled business options. If SMBs are thinking about the path forward, from today's foundation to tomorrow's opportunity, they should include Meraki in their evaluations. Writing this analysis reminds me that I am working from home, and I should probably replace my mesh-routers with Meraki devices.

  0 Comments

Techaisle global research shows small businesses aligning attention to Cybersecurity

Techaisle’s worldwide survey of N=5505 SMBs covering 1-999 employee size segment reveals that 34% of small businesses (1-99 employees size segment) experienced one or more cyberattacks in the last one year. The percent jumps to over 50% when mobility security attacks and internal malicious thefts are included. Technology is to businesses in the 21st century what roads and assembly lines were in the 20th: the platform on which all processes are based, on which all business is conducted. But with the limitless potential of IT/business infrastructure comes a vast and growing set of threats. Small businesses cannot simply rely on regulators or the ‘rules of the road’ (from telcos or hyperscale cloud providers) for protection – they need to take action to safeguard their customers, their staff, their devices and their confidential corporate information.

Large enterprises have the means to hire SWAT teams of infosec professionals. But what can and should smaller businesses do, to grasp the potential of technology without opening themselves up to cyber threats? Survey data shows that only 3% of small businesses have full-time internal dedicated IT security staff. Let that data point sink in. Regardless of the relatively tiny presence of security staff, as compared to 87% within midmarket firms and 100% in enterprise segment, 55% of small businesses are currently handling their security needs internally and if the projected plans are followed-through then it will increase by another 25%. However, small businesses are not naïve. 61% are also outsourcing either all or some of their security needs to MSPs and other channel partners and plan to increase their outsourcing commitment by 41%. For 37% of small businesses, insufficient IT budget is a major constraint towards seeking outside expert advice, deployment and security management. Although 55% of small businesses are confident about recovering from a cybersecurity incident, 32% are quick to admit that they need external services to define an overall security strategy, help select right-fit security technology/products and assist in determining the risks faced by the organization.

The next question is - what worries small business executives?

Continue reading
  0 Comments

Cybersecurity - SMBs are maneuvering around the edges of flame

Techaisle’s SMB and Midmarket security solutions adoption research shows that although security is a top IT priority for 85% of SMBs, cybersecurity is still not the most pressing security issue for 80% of SMBs. These SMB firms maybe maneuvering around the edges of cybersecurity flame as 19% of small businesses and 28% of midmarket firms believe that they have established best practices to control cyber-attacks. 31% of SMBs report that they are very confident of recovering from a cybersecurity incident and another 20% say the recovery is dependent upon the type of incidence. Is it really the case that the security-confident SMBs have taken all necessary steps to safeguard data, user and environment? Answer lies in the next set of data points. Only 8% of small businesses and 24% of midmarket firms have tested their responses to breaches or security incidents to ensure that their protocols will be effective in a crisis situation. Less than 10% of SMBs are covered by cyber-insurance and only 5% are considering cyber-insurance.

 techaisle smb midmarket cyber attack priority

SMBs that build effective, responsive security frameworks will be positioned to capitalize on new technologies and on the new efficiencies that they enable. There is no denying that the threats that IT security frameworks address are becoming both more pernicious and a greater threat to the success of IT-dependent businesses – which is to say, nearly all businesses.

In the Techaisle survey, respondents were asked “– what would be the impact on your organization if there was a security/data breach of corporate information?” Responses indicate that the damage would be widespread and substantial. As the chart below demonstrates, the most severe consequence of a breach would be damage to customer privacy and trust, but there would also be damage to corporate reputations and profitability, difficulty in meeting regulatory requirements, and personal reputation damage for both business and IT professionals within the firm.

techaisle smb midmarket impact security breach

The NIST framework does a good job of describing a business’s approach to cyber security, but it doesn’t actually address the approaches used by ‘bad actors’ to attack data and users. To understand how attackers work (and might be stopped), IT security professionals often turn to the cyber (or intrusion) kill chain. This seven-stage view of an attacker’s process, developed by Lockheed Martin in 2011, helps technical leads to align security technology and processes against an attacker’s progressive objectives.

techaisle smb midmarket cyber attacker process
There are many variants on the diagram. Some include responses to the intrusion kill chain, urging businesses to “detect, deny, disrupt, degrade, deceive and destroy” attackers and their malware. Others highlight the key technologies and technology processes used to support these responses: for example, security professionals combating intruders at the reconnaissance stage might use web analytics to detect an intruder’s activities, and then firewall technology to deny access to corporate systems. The specific details vary from scenario to scenario, and evolve over time. What is constant, though, is the need for technically-adept security professionals to invest in capable technologies, to integrate these systems with each other, to develop processes that connect effectively with threats and technology-based ‘shields’, and to align these systems and processes with management’s corporate objectives.

It isn’t an exaggeration to state that in today’s business world, IT infrastructure is business critical infrastructure. SMBs are heavily invested in IT, with IT-dependent processes throughout their operations. This ubiquitous dependence on technology means that systems failure will reverberate throughout all of a company’s daily operations. There is no way to disaster-proof against IT failure with insurance; appropriate investment in IT security processes, technologies and management strategies is the only way to capitalize on the productivity benefits of IT without creating exposure to organizational paralysis in the event of a malware invasion, a hacker attack or an employee’s negligence or malfeasance.

The lack of understanding of a threat associated with a widely-used cloud platform on one hand (and likely, additional confusion with respect to security issues associated with other technologies), and the lack of IT staff resources available to address security concerns on the other, produces a clear conclusion: SMBs need suppliers to step up to delivery of secure IT environments and prevent cyber-attacks.

In many cases, these suppliers will be the mainstream channel partners who supply the SMB’s technology, who act as the IT management presence within the SMB’s business. In other cases, including in many midmarket environments, the source of security products and services will be specialized managed security providers who focus tightly on operating SOCs and protecting client environments. In some scenarios, firms will ‘land’ by entering a client account from one of these positions, and then ‘expand’ to serve a wider range of IT supply needs – crowding out competitors who can’t address the risk and compliance issues that are central to the CEO’s mandate.

Related research

US SMB and Midmarket Security adoption trends

Europe SMB and Midmarket Security adoption trends

Asia/Pacific SMB and Midmarket Security adoption trends

Latin America SMB and Midmarket Security adoption trends

 

  0 Comments

Search Blogs

Find Research

Blog Archive

Research You Can Rely On | Analysis You Can Act Upon

Techaisle - TA