Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

09:35 AM
Scott Ferguson
Scott Ferguson
News Analysis-Security Now

Small Businesses Look to Cloud, SD-WAN for Security, Survey Finds

Increasingly, small and midsized businesses are turning toward the cloud and new technologies, such as SD-WAN, to provide an extra layer of security, according to a new industry report.

With ransomware and phishing attacks on the increase, small and midsized businesses are increasingly turning to the cloud, as well as new technologies like SD-WAN, to help build up their security defenses, according to a newly released industry survey.

One reason that small and midsized businesses (SMBs) are turning toward these technologies is pure economics. About half of these enterprises had $5,000 or less annually to spend on IT security, and of that number, only half had $1,000 earmarked for security.

In addition to budget constraints, SMBs have limited time to understand and research the latest threats and also lack the manpower to respond, according to the Aug. 2 study released by Untangle, a San Jose-based company focused on network security.

The survey found that fewer than 30% of SMBs have a dedicated security professional on staff, which makes issues around training staff and creating security and compliance policies difficult.

(Source: Pixabay)
(Source: Pixabay)

"One big gap is in user awareness and training," Dirk Morris, the chief product officer of Untangle, wrote in an email to Security Now. He added that small businesses face the same security attacks as their larger counterparts, but SMBs have fewer resources to deal with an increasing number of threats.

"A surprising number of attacks still rely on help from unsuspecting users," Morris added. "Phishing, spoof websites and malicious downloads necessitate constant vigilance and user education, even with solutions like endpoint antivirus and firewalls in place."

The survey is based on the results of interviews with 350 SMBs, and the company plans to release the full report at this year's Black Hat conference in Las Vegas, which takes place later this month.

While security remains a concern, SMBs are starting to address the issue by moving some of their data to the public cloud, where service providers can at least provide security for the infrastructure, although data remains the responsibility of the customer. However, adoption remains slow since only 25% of those surveyed are using cloud infrastructure services.

At the same time, more small businesses -- more than 30%, according to the survey, are investing in SD-WAN technologies.

SD-WAN -- shorthand for software-defined wide-area networking -- uses software-defined networking to establish connections between distant locations, such as enterprise facilities and cloud providers. It also provides a more flexible, less expensive alternative to traditional wide-area networking (WAN) connectivity, which depends on dedicated hardware.

While still a newer technology, SD-WAN is growing, with some estimates placing the market at $3.3 billion by 2021. (See Unknown Document 738371.)

Zero in on the most attractive 5G NR deployment strategies, and take a look ahead to later technology developments and service innovations. Join us for the Deployment Strategies for 5G NR breakfast workshop in LA at MWCA on September 12. Register now to learn from and network with industry experts – communications service providers get in free!

In his email, Morris noted the many SMBs have a headquarters and several branch offices, especially in markets such as retail. If security is centralized at HQ, then SD-WAN and the flexibility it brings starts making more sense. It also helps as businesses turn toward cloud-based services such as SaaS.

"For example, a company with a headquarters, retail outlet and branch office may not be resourced the same way across these locations," Morris wrote. "IT staff and security solutions may only be deployed at the headquarters. SD-WAN offers multi-site organizations the ability to centralize their security by sending traffic to a single location for processing, whether that is a physical location (like the headquarters) or a cloud deployment."

While the report noted that SMBs are evaluating and installing new technologies, traditional security services such as firewalls, network detection tools, anti-virus and anti-malware are still the most frequently purchased.

Related posts:

— Scott Ferguson is the managing editor of Light Reading and the editor of Security Now. Follow him on Twitter @sferguson_LR.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-07-29
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 e...
PUBLISHED: 2021-07-29
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malic...
PUBLISHED: 2021-07-28
This affects all versions of package curly-bracket-parser. When used as a template library, it does not properly sanitize the user input.
PUBLISHED: 2021-07-28
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function.
PUBLISHED: 2021-07-28
This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path.