SMBs Struggle to Bring Employees in to Handle Security, Data Privacy

SMBs Struggle to Bring Employees in to Handle Security, Data Privacy

By Greg Tavarez

Cybersecurity threats are increasingly prevalent and more dangerous than ever before in today’s technology-driven world. The risk of a security breach is a significant concern for businesses; it not only exposes confidential customer data and erodes trust, but also leads to revenue losses if critical systems go offline due to DDoS attacks.

SMBs and startups are particularly vulnerable to these threats. The impact of a breach on their operations is potentially devastating and addressing the issue can drain their resources. Companies must devote significant resources to maintain and update their systems, train employees on cybersecurity best practices, and deploy effective security software (which is often not an option for many SMBs and startups).

In fact, 42% of SMBs have one employee dedicated to security and 38% have zero employees dedicated to security, according to a DigitalOcean report. Those numbers (at least, in part) explain why SMBs have pain points when it comes to cybersecurity; more specifically, with the time and budget to manage that security.

And security isn’t the only concern for SMBs when it comes to lack of resources, though. The study also found that 74% of businesses say that data privacy is also a top concern for their business – as it should be. However, just like a decent percentage don’t have employees dedicated to security, a majority have zero employees dedicated to data privacy.

“The findings in this report show that SMBs have specific needs and pain points, particularly when it comes to hiring and having dedicated security employees,” said Tyler Healy, Vice President of Security at DigitalOcean. “Even without a traditional security role, there should be someone responsible for making security decisions in every organization; this kind of accountability is crucial.”

Still, even with resources being limited, there isn’t a lack of trying to take measures to prevent cyberattacks. In the report, more than half implemented two-factor authentication, 41% implemented firewalls or security applications and 37% implemented password or access controls.

And when it comes to data privacy, one area of focus for companies that want to ensure their data is protected and secure is reviewing the security and data protection policies of third-party vendors, which can include cloud providers and other technology vendors. According to the study, 62% request legal agreements, such as data protection agreements and privacy policies; 57% request regulatory requirements, such as GDPR, HIPAA or FedRAMP; and 29% request certifications, such as SOC and ISO.

Without dedicated cybersecurity employees, SMBs must act early and trust their vendors (including cloud providers and other security products) to maintain a secure environment in a changing threat landscape. Those that don’t, unfortunately, risk customer attrition, reputation damage and revenue loss.

“SMBs shouldn’t look to overcomplicate their security posture,” said Healy. “Choices to simplify security posture early can pay dividends as a business scales.”




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

Real Estate Forecast 2025: Emerging Developments and Market Shifts

By: Contributing Writer    7/1/2025

Buying or selling property can be challenging. Rising mortgage rates and fluctuating home prices leave many uncertain about their next move. Business …

Read More

Protecting Business Assets with Smarter Security Frameworks

By: Contributing Writer    7/1/2025

Protecting your business is more challenging than ever. Cyber threats are increasing every day. Hackers target small and large businesses alike, searc…

Read More

Reimagining Public Transportation in the Era of Smart Mobility

By: Contributing Writer    7/1/2025

Public transportation can be frustrating. Buses stuck in traffic, late trains, and hard-to-navigate systems often leave people stressed or stranded. M…

Read More

SonicWall Powers Secure Access for Missouri MSP, Improving Cybersecurity and Network Access for Clients

By: Erik Linask    6/27/2025

With SonicWall, Stronghold Data delivers a modern, secure remote access solution that ensures access to networks and resources and improves cybersecur…

Read More

Guardz Unleashes AI-Driven ITDR to Combat Escalating Identity-Based Threats

By: Erik Linask    6/26/2025

The launch of Identity Threat Detection and Response (ITDR) gives MSPs the tools to defend SMBs against increasingly sophisticated attacks targeting u…

Read More