Let’s suppose that some pro has already advised you on what you need to protect your business. Does that mean that your company is safe now? Unfortunately, no. The nature of cybersecurity is such that one factor in particular can introduce chaos into any strategy: the person in charge of carrying it out. That’s right, we are talking about the office manager in charge of IT security.
only 44% of companies with 50–250 employees have a dedicated security department (or at least a dedicated role). At 2% of businesses, this role is not managed at all, and in 54% of them, security functions are managed as part of overall IT work — which doesn’t necessarily mean that IT specialists manage security; 1 in 5 companies delegate IT tasks to nonspecialist staff such as accountants, office administrators, and managers.
Part of the problem is that business owners often do not think they need someone to be in charge of cybersecurity. They see cybersecurity as just the administration of more software. But it is much more than that. Someone needs to track employees’ access rights (including those of temporary workers, interns, and subcontractors) and revoke the passwords of people who leave the company or who no longer need certain services. Someone needs to be able to spot suspicious activity in your network and patch vulnerable software. And someone must be responsible for the compliance of your internal processes with various regulations (especially if you fall under GDPR jurisdiction). Making a nonspecialist responsible for the cybersafety of your business increases the chances of mistakes being made.
Another part of the problem is a shortage of resources. Many companies, and particularly those in the SMB segment, cannot afford to hire a high-profile specialist. In theory, that can be solved by outsourcing security functions — and it appears that businesses are on the way to the broad adoption of managed service provider (MSP) models for just that reason: According to the abovementioned survey, at least 50% of SMBs plan to employ MSPs in one form or another.
Want to learn more about the results of this survey? Download our report, “Growing businesses safely: cloud adoption vs security concerns” (PDF).