Cybersecurity budgets for SMEs are set to halve in 2023 despite ongoing spate of cyberattacks, warns Typetec CTO Trevor Coyle.
A large majority (80%) of SME business owners believe that the Irish Government should provide more funding and support to help protect small businesses against the rising cybercrime threat.
A new study from Irish IT service provider Typetec has found that that cybersecurity budgets for SMEs are set to halve in 2023 – despite ongoing cyberattacks – while the average SME IT security budget for this year is €57,500.
“While it might be tempting for SME owners to reduce cybersecurity budgets at this time, our survey shows that threats are still widespread and the potential impact on businesses is greater than ever”
The results found that cyberattacks are still prominent with 79% of SMBs reporting a cyberattack in the last 12 months. The most common attacks were password hacking, phishing, malware and employee negligence.
Impact of cyberattacks on businesses
The survey of 200 small and medium-sized business owners – commissioned by Typetec and conducted by Censuswide – also revealed the most common form of cybersecurity attacks over the past year. Those were password hacking (32%), phishing (31%), malware (27%), and insider attacks/employee negligence (23%).
SMB owners are also concerned about the impact of cyberattacks on their business, with the biggest fear cited as going out of business (40%). Considerably more respondents are worried about this in 2023 compared to 2022 (27%).
The other biggest concerns regarding the potential effects of cyberattacks were found to be significant business downtime (39%), sensitive data being made public or traded on the dark web (38%), reputational damage (37%), and the loss of customers (32%).
Despite these fears, almost a third (32%) of SMBs do not have an effective disaster recovery plan in place. However, some 64% of respondents think they are fully prepared for evolving cybersecurity threats in 2023, and 29% feel somewhat prepared for same.
Among those that feel somewhat or fully prepared, the most popular step taken against evolving threats is increased cybersecurity awareness training for staff (37%).
Other key measures undertaken by this cohort were increasing the support they get from external managed service providers (34%), moving more systems and applications to the cloud (34%), investing in more sophisticated threat protection systems (31%), and investing in an always-on business continuity service (30%).
“While it might be tempting for SME owners to reduce cybersecurity budgets at this time, our survey shows that threats are still widespread and the potential impact on businesses is greater than ever,” said Typetec CTO Trevor Coyle.
“We understand that many smaller businesses are dealing with inflationary pressures at this time and have to make difficult investment decisions. However, it’s important that they make smart choices and don’t leave their data and systems more vulnerable and easier to attack, which will ultimately be so much more costly if it happens.
“Being smart means not only identifying measures for protection and prevention, such as staff awareness, but also having a strategy in place to support disaster recovery and business continuity should the worst-case scenario arise.
“Only through implementing the right technologies and processes can SMBs be reassured that they are lowering risk and upholding productivity – thus protecting both their own business and that of their customers.”