Avatar

When midsize businesses talk about cybersecurity, it’s usually in the context of a problem to solve. (Specifically, IT’s problem to solve.)

But for small and midsize businesses especially, security can’t just be a concern of IT. When looked at holistically, a strong security strategy can be an asset that helps companies reach their overall business objectives.

Per IDG, business and IT leaders at midsize companies surveyed around the globe agree that the top three business goals for this year are:

  1. Managing risk
  2. Increasing efficiency and productivity
  3. Growing the business

With that in mind, Cisco has also recently released the 2021 Security Outcomes Study for SMBs, focusing on how small and midsize companies are investing in security to meet their business priorities. The report identifies security practices that correlate most strongly with the goals above.

Managing Risk

It seems obvious that managing risk would be an outcome that cybersecurity would help solve. Diving deeper, though, the Security Outcomes Study emphasizes that prompt disaster recovery in particular can have a crucial impact on midsize businesses.

Out of the 25 security practices included in the study, timely disaster recovery was the biggest differentiator of success between SMBs and larger organizations. SMBs with prompt disaster recovery reported a 13.4% higher success rate in business outcomes. Why the difference between SMBs and larger companies?

Thanks to ransomware and other evolving cybersecurity threats, the likelihood of encountering a security incident for midsize companies is greater than ever. And when these events do happen, the relative impact on midsize companies is much greater than on larger companies. While a major hack may hobble a large business, the same attack could be fatal for a small or midsize one.

Fortunately, the single biggest way that we found small and midsize organizations could strengthen their security posture and build resiliency is to make sure your technology — both software and hardware — is up to date. This security “basic” is something that any company can focus on, regardless of your size or IT capabilities.

Operating Efficiently

The fact is, IT teams at midsize organizations play many different roles, and their work becomes more complex as the company grows. Hybrid and remote work are stretching teams even more, as they work to install, secure, and troubleshoot technology remotely.

When various technology solutions are integrated into a holistic strategy, IT’s job becomes more streamlined. Metrics are consolidated, visibility is centralized, and incident response is faster. This requires strategic planning, as well as connection into the broader business plan. But ultimately, you’ll be able to reduce the number of siloed solutions and architectures for a more efficient operation.

Proactive technology refresh can also help your midsize business increase its efficiency – in addition to reducing risk, as seen above. With faster and more secure infrastructure, you can spend less time fixing problems and create a smoother experience for running business-critical applications.

Enabling Business

One of the findings from the study is that SMBs with a sound strategy to guide security initiatives were significantly more likely to experience successful outcomes. (And, a strong security strategy was more important for SMBs vs. enterprises.)

Across the board, we’re seeing that midsize companies are increasingly needing to connect business and IT teams so that everyone is working toward same goals. IT priorities should support business priorities, and the most successful IT leaders understand business drivers. At the same time, when everyone at a company understands how security can support the larger mission, the more buy-in you’ll get — and the better you’ll be at staying ahead of threats.

Once again, refreshed technology can help here. Small and midsize businesses with a modern tech stack rate themselves as being more successful in all 11 outcomes measured in the study.

Though modernization requires upfront costs, you’ll spend less time and money down the road searching for budget and resources to respond to cybersecurity events and replace outdated tech.

Next Steps

To learn more about how midsize companies are executing and investing in cybersecurity strategy, read the full Security Outcomes Study for SMBs. To help you build a comprehensive security strategy for your business, take a look at the Midsize Cybersecurity Playbook.


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn

 



Authors

Michael Hopfinger

Director of Marketing

Architecture and Partner Marketing - Americas