SMBs oblivious to security risks - Canalys

Analyst claims small firms wrongly assume only high-profile enterprises get targeted by hackers

More needs to be done to convince small businesses they could fall victim to security attacks, according to Canalys, which said SMBs are convinced only top enterprises get hit.

The analyst said that last year, content security spend among small businesses grew 9.6 per cent annually to $2.6bn (£1.75bn). The market now represents 28 per cent of the total enterprise content security market, up from 27 per cent in 2013.

But despite the growth, not all SMBs take security seriously enough, Canalys said.

"While many small businesses have increased their spending, the overall state of protection remains below an effective level,' said senior analyst Nushin Vaiani.

"Some small businesses remain convinced that only those large enterprises they see in highly publicised news articles are the targets of cyberthreats. This is a fallacy and if these businesses do not change their attitude soon, they will fall victim to attacks.

"Small businesses need to better understand the repercussions in terms of reputational harm and loss of customers and revenue due to successful cyberattacks and make security a major business priority."

Canalys added that the type and sophistication of security threats has "grown considerably" recently.

"Malware, phishing and spyware remain the most common forms of attack, but denial-of-service attacks are becoming widespread," Canalys said. "Small businesses are also falling victim to supply-chain-related attacks, whereby criminals establish an indirect path to confidential data through third parties, which tend to be relatively small businesses."