The past 12 months have seen the SMB sector recover from the pandemic-induced shakeup of 2020, with businesses and staff getting used to working in the new normal.
Now, on the cusp of 2022, as the focus shifts from maintaining the continuity of businesses to optimizing them, we’re seeing new preferences and planning trends emerge. Our SMB customers are responding to the escalating threat of cybercriminals, who have been equally busy refining their tricks and techniques this pandemic.
Here's a look at the three most important trends guiding SMBs’ security mindsets in 2022:
Understand the threat landscape
Large corporations were the prime targets in early post-pandemic cyberattacks – even the WHO was hit in April 20201. With such organizations able to quickly purchase and deploy the highest-end cybersecurity, however, attackers over the past year have shifted their sights to SMBs2, which are now the most at risk.
Not only do smaller businesses lack the defenses to protect themselves, they also stand to lose far more. The SMBs that suffer data breaches may pay the ransom, or even be out of business.
With this threat landscape looming large in 2022, there will be a continued rise in SMBs seeking more effective security solutions. Unable to afford their own IT security departments, they will opt for straightforward plug-n-play solutions from vendors or through MSPs. For example, access points that can replicate the SSID of a head office, creating seamless and secure tunnels for remote workers, are already a new favorite among our SMB customers.
‘Never trust, always verify’
Record numbers of staff are working from outside the office, and take UK as the example. Nearly 97% of UK organizations have or plan to introduce hybrid working3. And they’re dialing in from every location and device possible, many with security measures ranging from limited to non-existent, putting themselves and their employers at risk.
As a result, SMBs no longer need to safeguard only a single point on their main network. Rather, their attack surfaces have multiplied manyfold, with staff members’ home offices now part of the edge of their office network.To address this, businesses must adopt a “never trust, always verify” attitude. Also called “zero-trust”, this approach requires that every user who tries to access a network has their identity verified, such as through multi-factor authentication. It’s an effective approach – even some governments are proposing that MSPs be legally bound to utilize zero-trust measures.
Respect and defend data privacy
Data privacy has been an unavoidable issue these past few years, with sweeping legislation mandating exactly how data is collected and used – most notably the EU’s GDPR.
Operating in the context of these regulations and with data breaches on the rise, jumping 14%4 from 2020 to 2021, there’s an urgent and growing burden on SMBs to protect customer data. Adding to this urgency are new data privacy laws coming onto the books, like a post-Brexit version of the GDPR5 in the UK and a growing list of state regulations in the U.S.
Faced with legal penalties and customer concerns in addition to the damage of data breaches themselves, more businesses in 2022 will place security as a top priority within their business models in order to survive, and turning to vendors and MSPs in order to gain knowledge, advanced security equipment and infrastructure to defend themselves against attackers.