Smarter SMB Cyber Investments a Must for Difficult Economy
 

In periods of economic uncertainty, all investments are under scrutiny — particularly for smaller organizations and startups with limited resources. But scrapping the cybersecurity budget is an especially bad idea in a downturn.

That’s because tough times tend to trigger more cyberattacks. For example, in the two years following the lowest point of the Great Recession of 2008 to 2009, cybercriminal activity increased by 40% — and that period of elevated cyber risk took place in another technology epoch entirely¹. In today’s digital era, the cyberattack surface has expanded dramatically, including for small and midsize businesses (SMBs) and startups that have adopted cloud solutions for email and collaboration. Cybercriminals have exploits at the ready and are increasingly using them to target smaller, less cyber-fortified organizations.

Fortunately, advances in cybersecurity technologies and best practices have emerged since the last major economic downturn. For SMB leaders, it’s important to recognize that smart cyber investments are integral to their business strategy for weathering economic turbulence and to understand what approaches offer the greatest bang for their buck.

Leaning Into Cyber Investments During a Downturn

Experts expect escalation across a range of cyber risks — including human error, social engineering, ransomware, and insider threats — during and after economic downturns. Yet purse strings tend to tighten at the same time. Thus, it’s crucial to get smart about cyber investments during these periods. 

It’s no secret that the volatile state of the global economy will create tough budgetary conditions for customers for years to come. in Weathering economic uncertainty will require more organizations to pivot from reactive patchwork cyber spending — an approach causing widespread tool sprawl across the cybersecurity community — to proactive investment strategies closely aligned to their greatest areas of cyber risk. 

Tech executives are more concerned about the cybersecurity threats of today than they were a year ago. As a result, cyber investments are at the top of their agendas. Executives are recognizing the immediate need to prioritize cybersecurity and are also realizing that investing in cybersecurity is critical to successfully navigating an economic downturn.

Cost-Effective Cyber Strategies That Make Sense Now

It’s not a question then of whether companies should be spending on cyber defenses now, but what investments will be most cost-effective and beneficial. For CISOs across sectors, that is the million-dollar debate, and their decisions could make or break their business for years to come.

Some cybersecurity approaches can offer any organization — and particularly SMBs and startups — broader protection and greater cost efficiency in this environment of heightened risk, as well as greater cost efficiency. Three specific types of investments that make sense to prioritize in today’s economic climate are:

• Security integration: Today’s marketplace has no shortage of tools and technologies. But taking a scattershot approach to implementing individual products can lead to increased costs, greater complexity, and — potentially — gaps in protection. In an uncertain economic environment, companies would be wise to seek out easily integrated solutions that provide multilayered protection and maximize their returns on investment. Security integration can improve security operations efficiency while offering greater visibility into potential security gaps.
• Increased automation: Investing in cybersecurity technologies that can automate manual tasks and routing functions boosts cybersecurity accuracy, speed, and remediation efforts. Today’s leading cybersecurity technologies can enable these efficiencies from the start, saving companies on both human resources and financial capital.
• Cloud-oriented protections: SMBs have jumped on the cloud computing bandwagon, embracing hosted software for capabilities such as email and collaboration. This can deliver significant cost and efficiency benefits. However, the widespread adoption of cloud solutions has also empowered cybercriminals who can focus their efforts on the centralized infrastructure and common vulnerabilities of, for example, widely adopted email services. Such cloud software comes with some built-in security, but it’s not enough. One investment that can help SMBs, in particular, are gateway-less email solutions designed to operate seamlessly with a company’s cloud email environment. Such offerings are tailor-made to protect cloud systems with built-in capabilities, such as preconfigured settings, one-click remediation and user-friendly threat dashboards.

The Bottom Line 

SMBs facing economic uncertainty — and the increased cyber risk that downturns herald — may not necessarily be able to increase their cybersecurity investments, but they can make smarter, cost-effective choices that offer multilayered protection. One solution tailor-made for SMBs is Mimecast’s Email Security, Cloud Integrated solution, a gateway-less offering that currently secures the Microsoft 365 environment and can instantly boost protection against increasingly sophisticated email-borne attacks.

1 “Cybercrime in a recession: 10 things every CISO needs to know,” CSO