Addressing the cybersecurity skills shortage in SMBs

The global cybersecurity skills shortage is a known and persistent challenge, especially for small and medium-sized businesses (SMBs).

Our new report, based on findings from a vendor-agnostic survey commissioned by Sophos of 5,000 frontline IT/cybersecurity professionals, reveals that SMBs are disproportionately impacted by this lack of expertise.

It also offers practical solutions to address these issues within budget and resource constraints, and outlines how Sophos can help smaller organizations improve their cybersecurity outcomes.

Smaller organizations are disproportionately impacted by the skills shortage

Our research shows that SMBs perceive a lack of in-house expertise as their second biggest single cybersecurity risk, while larger organizations rank it seventh.
Risks that rank highly for larger organizations, such as a shortage of cybersecurity tools (#2 perceived risk for those with 501-1,000 employees) and stolen access data and credentials (#2 perceived risk for those with 1,001-5,000 employees), are secondary concerns for smaller businesses that are struggling with the more foundational challenge of having people to operate their existing investments.

Skills shortage: a two-headed challenge

The core issue driving the skills shortage in cybersecurity is the lack of qualified professionals in the field. This impacts SMBs in two ways.

Lack of expertise

Cybersecurity is increasingly complex, requiring advanced expertise to counter evolving threats. Our analysis reveals that 96% of smaller businesses find at least one aspect of investigating alerts challenging. While larger companies also face difficulties, the challenge is most severe for SMBs.

Lack of capacity

91% of ransomware attacks occur outside regular business hours[1] making 24/7 cybersecurity coverage essential but beyond the capabilities of most SMBs. Illustrating this point, our analysis reveals that SMBs have no one actively monitoring or responding to alerts 33% of the time, leaving them vulnerable to attacks.

The impact of the cybersecurity skills gap on SMBs

The skills shortage hits SMBs hardest. They are the segment most likely to have data encrypted in a ransomware attack with 74% of incidents resulting in data encryption – likely due to weaker detection capabilities.

Furthermore, with fewer people to share the cybersecurity load, the potential for talent burnout is high. In separate Sophos-commissioned research across Asia Pacific and Japan, 85% of organizations reported fatigue and burnout among their cybersecurity and IT professionals.

How to address the SMB skills gap

Hiring more cybersecurity staff is often not feasible for SMBs due to budget constraints and competition for limited talent. Skilled professionals tend to choose larger companies with better development opportunities. We recommend that you…

Work with third-party security specialists

Engaging third-party cybersecurity specialists is often the most cost-effective way to boost expertise and capacity. The two most common options are managed detection and response (MDR) services and managed service providers (MSPs).

MDR services typically provide 24/7 expert-led threat hunting, detection, and response across your environment. Analysts monitor your organization on your behalf – identifying and responding to suspicious activity and neutralizing attacks before they impact your business.

MSPs, traditionally supporting small businesses, are now also aiding medium-sized companies with cybersecurity. Many MSPs (81%) also offer MDR[2], allowing SMBs to combine both services through one provider.

Choose solutions actively designed for SMBs

Most cybersecurity solutions are tailored for large organizations with dedicated teams for deployment and management. Smaller organizations often struggle to realize security benefits and return on investment (RoI) from these enterprise-level tools due to ineffective use.

Instead, seek security tools that are technically robust yet user-friendly for stretched IT teams. When evaluating security solutions, consider both platform and product features.

• Platform – a cybersecurity platform centralizes the management of various cybersecurity solutions into one interface, reducing administrative overhead and simplifying vendor management. It enhances security by allowing solutions to collaborate and share insights, strengthening overall cyber defenses.
• Product features -vendors often list many features, so it’s important to identify your specific needs to avoid unnecessary costs. Choose cybersecurity solutions that automatically deploy recommended settings, minimizing manual configuration risks, and offer intuitive controls with clear visibility into deployments. For SMBs, selecting tools that automatically respond to attacks is crucial, ensuring protection until your team can intervene.

How Sophos can help

Sophos has deep experience in securing SMBs from advanced cyber threats and we have purpose built many of our products and services to specifically address their needs.

Sophos MDR

Sophos is the world’s most trusted MDR service, securing more small businesses than any other provider. We have extensive insights into attacks on small businesses and leverage telemetry from across our customer base to elevate protection for all users.

MSP

Sophos supports over 7,000 MSP partners across the globe with an expansive portfolio of world-class products and managed security services. Furthermore, Sophos is the world’s largest provider of MDR services to MSPs for their clients.

Platform: Sophos Central

Sophos Central is the largest, most scalable cloud native AI-powered platform in the industry. It’s used to manage all Sophos next-gen cybersecurity solutions, including Sophos Endpoint, Sophos Firewall, Sophos XDR, Sophos MDR, Sophos Email, and Sophos ZTNA. Integrations with a broad range of non-Sophos technologies, including Microsoft and Google, ensure that customers can see full value from their existing security investments.

Solutions actively designed for SMBs

Designed for ease of use, Sophos solutions feature automatic deployment with recommended settings, centralized management, adaptive defenses, and real-time visibility into security posture. These capabilities ensure SMBs can effectively defend against cyber threats, addressing the ongoing skills shortage in cybersecurity.

To learn more about Sophos solutions for SMBs, speak to your Sophos representative or partner or visit www.sophos.com.

[1] Stopping Active Adversaries – Lessons From The Cyber Frontline – Sophos | [2] MSP Perspectives 2024 – Sophos