How enterprise tools have failed SMEs, and consolidation can help

Padlock against circuit board/cybersecurity background
(Image credit: Future)

There are 5.51 Million SMEs based in the United Kingdom, making up 99.9% of UK private sector businesses, accounting not only for a sizable majority of the economy, but also employing the majority of UK workers - some 61%, or 16.7 million people.

This is a trend which is reflected globally, where the number of SMEs rises to 400 million, making up about 90% of global companies, and 50% of global employment.

However, despite representing the backbone of the world’s global economy, SMEs remain chronically and systematically underserviced by the cybersecurity industry. The vast majority of security tools fail them. According to the University of Salford, 43% of cyberattacks target SME businesses, and 60% of these organizations in the UK are out of operation within 6 months of said cyberattacks. Estimates globally are even starker, with the US-based 2023 Business Impact report indicating that some 73% of small business owners and leaders experienced data breaches or cyberattacks in the past year. So, the state of play for SMEs remains not just serious, but existential to their very survival.

Dror Liwer

Co-Founder of Coro.

A masterclass in failure: How enterprise tools hinders SME security

Put simply, the issues which SMEs face are ones of financing and resourcing. But, when we dig further into the way these issues manifest, we understand how comprehensively failed the current generation of enterprise security tools has left them. A recently conducted survey, which polled 500 US-based cybersecurity decision-makers at SMEs lays this bare.

The findings show that cybersecurity teams at SMEs are overwhelmed and failing to appropriately manage the tools in their stack, as well as the alerts these tools generate.

In one way or another 73% of SME IT teams reported missing alerts: Over a third of respondents admitted to having missed a security alert at work, with a further 31% admitting to turning down the sensitivity of a security tool. Most concerningly, over a quarter of respondents admitted muting a security alert entirely.

This is likely due to a saturation of tools: Over half of those surveyed suggested that monitoring security platforms was their most time consuming activity, and the average respondent had to manage over 10 cybersecurity tools at a time.

Further compounding the tools issue is the amount of time needed to ensure that they’re fully operational, and working appropriately in conjunction with their other tools. On average, it takes 4.2 months for a new cybersecurity tool to become fully operational. Other aspects of the process also waste valuable time which could be spent on more productive cybersecurity tasks: 23% outlined integrating new tools with the existing security stack as time consuming, with 24% calling out installation, 26% referencing training staff in addition to the slim majority of 27% who suggested configuration.

While none of these statistics will come as a surprise, to see them laid bare reiterates how poorly SMEs have been serviced historically by the cybersecurity market: They are marketed - and eventually sold- tools that take months to onboard, and deal with a specific attack vector. Once these tools are up and running, the SMEs limited ability to effectively manage the output of these tools not only renders them useless, but actively hinders them from defending against cybersecurity threats.

The tools and alerts, however, only provide one part of the picture. SMEs must also manage significant numbers of endpoint devices - an average of 656 per respondent. For each of these devices, SMEs average 4 security endpoint agents - used to analyse, block and monitor device content - per device. These, in addition to the tools themselves, require near constant updates: 53% of respondents work with agents which require weekly, or even daily updates.

Concluding thoughts: Consolidate to survive and thrive

The picture painted is a bleak one, where endless, expensive cybersecurity tools fail at the core principle which they were designed for: To keep businesses safe.

Thankfully, SMEs and the industry alike appear to be moving towards a solution: Consolidation. A huge 85% of the SMEs surveyed suggested that they wanted to consolidate in 2024, with security at the core of this decision: 60% hoped it would improve security posture, with a further 19% hoping for a reduction in workload, and 21% looking to reduce costs.

If done correctly, consolidation can do all of these things and more. Consolidation-by-acquisition approaches which have been the modus operandi of the cybersecurity industry up until now effectively paint over the cracks, failing to offer a truly integrated and consolidated solution. A truly consolidated approach should offer SMEs the opportunity to stay as safe and secure as a large enterprise, without the associated costs, damage and failure outlined above. A truly consolidated approach should give organizations the confidence to operate cybersecurity tools reducing risk, instead of adding to it.

We've featured the best business VPN.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Dror Liwer is the Co-Founder of Coro.