According to a new research from security firm Infrascale, most small and medium-sized businesses (SMBs) believe they are prepared for a cyberattack, but only few of them are ready to deal with the outcome of such incidents.
The research stated that around 92% of SMB executives believe their organization is ready to handle cyber threats, but more than 20% don’t have a data backup or disaster recovery solution in place. It also indicated that 16% of executives in SMBs admitted that they do not know their own Recovery Time Objectives (RTOs). While 84% of the respondents said they are aware of their organizations’ RTO, the rest stated that they were not.
An RTO is the time period between the starting point of the recovery process and to the point at which all the organization’s systems and services are back to normal. It is found that 24% of SMBs expect to recover their data in less than 10 minutes after a security incident and 29% expect to do so in an hour.
While, 8% of executives in SMBs admitted that they are not prepared to recover from a security incident, 39% of them stated that they lack the budget, 37% reported lack of time to research on solutions, 32% said they don’t have the right resources, and 27% said that they don’t have the right technology to deal with cybersecurity incidents.
Russell P. Reeder, CEO of Infrascale, said, “Having a low RTO can be achieved one of two ways: you either have redundant, highly automated infrastructure or an expensive disaster recovery solution. If you’re willing to trade just a little amount of time for cost, you can achieve a reasonable RTO with an affordable disaster recovery solution, such as Infrascale. Every industry uses technology differently to achieve their business goals, which in turn will have a different requirement around the redundancy and availability of their systems. While it may be possible to have an RTO of less than one minute if you implement redundant systems, those costs usually outweigh the benefits.”
He added, “Whether a business is dealing with a server crash or a site-wide disaster, unplanned downtime comes with serious consequences. Businesses can dramatically reduce downtime, quickly recover from ransomware attacks, and avoid paying ransoms by employing disaster recovery as a service. SMBs also can get ahead of an anticipated disaster such as a hurricane by failing over to their disaster recovery solution before the disaster is expected to hit, completely mitigating any downtime.”
One in Three SMBs Rely on Free Cybersecurity Tools or Nothing
One in three small businesses with 50 or fewer employees rely on free or consumer-grade cybersecurity tools stated a research commissioned and published by BullGuard. The research also pointed out that one in five companies do not use any endpoint security whatsoever. The research, which surveyed small businesses in the U.K. and the U.S., suggested that nearly 43% SMB owners are not prepared for a potential cyberattack or breach leaving their most sensitive financial, customer, and business data at risk.