A successful ransomware attack is a nightmare for many businesses. For SMEs, it is dangerous enough to be fatal, according to many IT professionals. As a result, companies feel it is time to put security higher on the agenda and increase budgets, according to research by Datto. We dive a little deeper into the research to discover the state of cybersecurity in SMBs.

Organizations regularly state that they are increasingly aware of security risks. This is no doubt related to the fact that a sizable portion of SMBs have encountered security-related problems before. Half of all companies have experienced viruses and phishing messages, while ransomware has struck a quarter of companies, Datto found. In the past year, a third of SMBs encountered viruses and phishing and 13 percent of organizations encountered ransomware. Such figures show SMBs are not spared and would be wise to take security seriously.

Datto conducts the State of Ransomware survey annually. It has great visibility into the SMB world by helping businesses with security and backups through Managed Service Providers (MSPs). For the annual survey, nearly 3,000 IT professionals were surveyed, working in small to medium-sized businesses in eight countries. In addition to the Netherlands, these countries include Germany, the United States, Canada, the United Kingdom, Australia, New Zealand and Singapore. In this article, we also regularly refer to the Dutch data, as the story was originally published on the Dutch edition of Techzine.

Recognition of the ransomware threat

One of the most important findings of the Datto survey is that more than half of IT professionals recognize that a successful phishing attack or worse (such as ransomware) causes serious damage to the organization. Some even see the attacks having fatal consequences. When that anticipation is combined with the fact that 6 in 10 companies expect to potentially face a successful ransomware attack this year, ransomware could do a lot of damage to SMBs again this year.

As many as 7 in 10 SMBs identify the impact of ransomware as extreme or significant. 28 percent expect minimal impact and 3 percent no impact at all.

One of the impactful consequences of ransomware is the ransom demanded by the hackers. An indication of that amount can be found in the table below. Although several security experts advise against paying that amount because it supports the crime and it is questionable whether decryption will take place, companies still appear willing to pay in the hope of getting the data back and becoming operational again. The amount requested thus gives an indication of the cost of a successful ransomware attack. This does not include all costs, as additional help for recovery and production downtime are also involved, for example. In any case, the table below gives an idea ($1 equals about 0.92 euros at the time of publication).

Budgets rise

Amid cybercrime statistics and growing awareness around the consequences, security budgets are also on the rise. For 42 percent of SMBs, the amount to be spent on security is increasing, without the survey specifying how much extra money goes into it on average. For 40 percent of companies, it remains the same, while six percent see a decrease. Dutch SMEs generally set aside 21 to 30 percent of their IT budget for cybersecurity. This development makes sense when you consider that one in five Dutch companies cites a lack of funding for security solutions as the biggest cause of security problems.

Datto notes that the willingness to invest in security offers MSPs opportunities. They can encourage companies to make the right improvements and upgrades, especially given that one in four SMBs outsource security to an MSP. One in six even does so with a Managed Security Service Provider. At the same time, it means that a large proportion of organizations manage security internally. However, they may run into a shortage of tech talent or lack of expertise, so they turn to outsourcing.

Essential recovery plan

When it comes to a recovery plan, which maps out how to deal with a successful ransomware attack, half of IT professionals have a standard recovery plan. Some companies simply still need help creating such a plan. This is where MSPs can help, so that these companies are prepared for problems. MSPs can help determine what resources the companies need for the plan, such as business continuity and disaster recovery and access management tools.

“SMBs have faith in their ability to recover from a cybersecurity incident,” Datto notes. “Despite this confidence, there is ample opportunity for MSPs in this area to suggest new solutions to mitigate risk or upgrades to a client or prospect’s security buildout to make it even stronger — 16% of respondents told us that their organization would be doomed in the event of a successful cyberattack or another damaging cybersecurity incident, and 47% said they believe recovery would be difficult.”

Successful disaster recovery is therefore easier said than done, people believe. For example, one in five IT professionals had to reinstall and reconfigure all systems to get things working again. The table below shows common recovery steps.

SMBs ultimately benefit from paying attention to business continuity and disaster recovery, which reduces costly downtime due to an attack. Consequently, 33 percent of Dutch companies plan to invest in it over the next 12 months. Only 3 in 10 SMBs have a best-in-class recovery plan, and 52 percent say they have a standard recovery plan.

Secure base

Another thing that stands out is the current position of cyber insurance. Most SMBs have or are looking for such insurance. Moreover, IT professionals working at an organization with insurance are likely to be willing to invest in other smart security practices. They generally have more IT support, more cybersecurity frameworks and more security solutions deployed. Moreover, they have often experienced a security incident in the past.

There has been a lot of movement around cybersecurity frameworks lately, as they are constantly evolving. For example, a lot of security experts recommend a zero trust strategy. However, the survey finds that only 14 percent of SMBs use the framework, while seven percent have it on their radar. According to Datto, there is still much to be gained in this area. Of the frameworks and regulations covered, CIS and CMMC are the most widely used by businesses.

Curious about more survey results? Then check out the full report on Datto’s website.