Techaisle Blog

According to a survey of 2035 businesses conducted by Techaisle, cybersecurity breaches cost SMBs (1-999 employees) an average of US$1.2 million in data, productivity, compliance and regulatory expenses, and staffing costs. In contrast, upper-midmarket firms (1000-4999 employees) suffered an average loss of US$28.6 million. The research also revealed that 56% of SMBs and 88% of upper midmarket firms experienced at least one cyberattack in the past year.

SMBs and midmarket firms recognize that a security breach can have significant business implications. When asked about the potential impact of a breach, 54% of firms stated that it would damage their customers’ privacy, 49% believed it would erode customer trust in their business, and 44% saw it as damaging to their company’s reputation. Nearly one-quarter reported that a breach would have a substantial negative impact on their bottom line. Security is not just an issue but also a critical factor in defending against threats to trust, compliance, and financial viability.

Security is a critical concern for SMBs and midmarket firms. While technology is essential for productivity, growth, and profitability, it also exposes businesses to potentially devastating security breaches. Many SMB firms practice “security through obscurity,” hoping that attacks will target larger organizations while they keep a low profile. However, with enough hackers, scammers, and cybercriminals to go around, every conscientious SMB executive must address security threats and take action to safeguard their business against other threats, such as loss of customer trust, compliance with laws and regulations, and loss of financial solvency.

Techaisle survey indicates that SMBs have IT security on their agendas, with 85% of SMBs and 100% of upper midmarket firms considering it a critical concern. A closer look at the findings shows that other important issues for SMBs, such as cloud and hybrid work, cannot be implemented without an effective security approach.

As the market becomes flooded with specialized security solutions, an important question arises: Who can effectively integrate and manage all these different solutions? Cisco is making changes to position itself as a leading contender. As a comprehensive solution provider, Cisco can fill gaps in the cybersecurity landscape and ensure a cohesive approach to security, especially cloud security. It is building and integrating its portfolio of offerings, for example, XDR, Umbrella, Duo, Talos, many others, and now Armorblox.

As threats evolve, security efforts have shifted from solely preventing incidents to investigating them quickly and anticipating future risks. With IT environments now comprising interconnected networks, communication tools, mobile devices, cloud applications, and more, security is a top priority. Techaisle data shows that security is an IT priority for 74% of small businesses, 85% of SMBs, and 100% of midmarket firms. Endpoint security is already relatively widely adopted by SMBs. In addition, security suppliers have made headway in gaining customers for mobile hardware and access control security services. While Endpoint Detection and Response (EDR) tools are helpful, their capabilities are limited to detecting and responding to threats on endpoints and servers. Prevention remains the best approach to security, but detection is essential.

Cisco’s new XDR technology presents exciting opportunities for business growth by leveraging its vast network infrastructure and customer data to tackle security challenges. To strengthen its position in the security industry, Cisco is streamlining its go-to-market strategy and investing in partnerships to unify its cybersecurity offerings. Its partner growth strategy includes upgrading firewalls and refreshing products for existing customers, offering competitive pricing and margins to win new business, and introducing new partner offers for Security Operations Centers, such as Managed Detection and Response using Cisco XDR.

Cyberattacks targeting small and medium-sized businesses (SMBs) have increased, particularly ransomware and DDoS attacks. Implementing multi-factor authentication (MFA) safeguards employee identities and credentials. However, only 16% of SMBs and 25% of midmarket firms use MFA enterprise-wide. Similarly, only 13% of SMBs and 16% of midmarket firms have adopted single sign-on. However, the intent to adopt is significantly higher. Cisco offers MFA and single-sign-on (SSO) through its Duo offering, introducing innovations such as passwordless and risk-based authentication and Verified Duo Push. In addition, Duo has made security more accessible by integrating its Duo Trusted Endpoints capability into all service tiers, allowing users to restrict access only from corporate-managed devices or devices registered with Duo. This helps prevent unauthorized access attempts from unknown devices. In the advanced tiers, users can also assess the devices’ health before granting access and block risky or non-compliant devices, such as those running out-of-date software.

Securing endpoints and servers is essential for organizations, but cybercriminals are finding ways to bypass these measures through covert attacks. Instead of directly targeting high-value assets in data centers, they gain access through laptops and move laterally through the network. As a result, relying solely on an EDR solution or a firewall is not enough to detect and prevent cyberattacks. To fully protect IT infrastructure, it’s necessary to integrate prevention, detection, and response technologies into a single solution. This is where Extended Detection and Response (XDR) comes in, providing a comprehensive approach to security.

XDR builds upon the concept of EDR and expands its scope. It goes beyond the endpoint and server by integrating data from various security tools, including firewalls, email gateways, endpoint, network, identity, DNS, public cloud tools, and mobile threat management solutions. While it is possible to connect these components manually, a comprehensive XDR solution is designed to function as a unified system wherein components are interconnected and work together seamlessly to optimize threat detection and response workflows. Cisco's XDR solution in one such system.

Technology advances daily; how can SMB IT resources and processes keep pace? In March 2023, Dell announced its Dell APEX Managed Device Service subscription to help SMBs and midmarket firms keep devices secure and up-to-date. Dell APEX Managed Device Service is available to buy as a month-to-month subscription at $70 per device for SMBs. Techaisle data shows that 83% of SMBs are prioritizing outsourcing their device, security, and overall IT management. At the same time, 62% are increasing their use of as-a-Service technology adoption. With Dell APEX Managed Device Service, SMBs have peace of mind knowing their IT needs are handled with Dell’s industry-leading IT management and support capabilities. From PC management to device security to expert Dell support, all in a flexible monthly subscription, this newest addition to the Dell APEX lineup delivers the immediate value small businesses need to focus on growing their business, not managing IT.

SMBs increasingly depend on information technology and deal with an ever-expanding portfolio of increasingly complex applications and platform technologies. At the same time, these firms are struggling to rein in IT-related expenditures, including staff-related costs. This combination of increased reliance on technology as a critical element of business success, burgeoning complexity, and cost constraint has created a ‘perfect storm’ for using managed services, especially services covering devices and security. As a result, managed services has become an increasingly important force within the SMB IT portfolio because its key attributes tie directly to business and IT challenges. The reasons for this intense (and growing) interest in service delivery are varied and compelling. The top two issues are “to keep IT costs under control” (49%) and “improve security” (38%).

Techaisle’s most recent survey data shows that the adoption of artificial intelligence (AI) is likely to increase by 79% within small businesses, 63% in core-midmarket firms, and 53% in upper-midmarket firms. AI has become a priority for 41% of small businesses, 75% of core-midmarket firms, and 79% of upper-midmarket firms. ChatGPT and Large Language Models (LLMs) have recently become the topic of conversations and business usage. When ChatGPT comes up in conversation – especially a discussion focusing on SMBs – the first question will likely be, “How many organizations are using it – and how?” Techaisle extended its artificial intelligence survey to pose the same question to 1872 SMBs. Both small and midmarket businesses forecast a substantial rise in the use of ChatGPT in the next one year. 17% of small businesses, 39% of core midmarket firms, and 79% of upper midmarket firms plan to use systems/tools/other products that embed ChatGPT. Results indicate that ChatGPT penetration within the midmarket, driven primarily by firms with more than 250 employees, will be reasonably robust. However, Techaisle feels that the planned adoption data is likely conservative.