Dark Reading: SMB Security Catches Up to Large Companies

Archive for the ‘Vendor Risk Management’ Category

Dark Reading: SMB Security Catches Up to Large Companies

Posted by

Small and midsize businesses (SMBs) have long had a reputation for being behind the curve in cybersecurity, especially compared with large companies that have more resources. A new report shows SMBs are just as capable of defending themselves, despite facing similar challenges.

Excerpt from: SMB security catches up to large companies

“We see time and time again that SMBs are actually punching above their weight,” says Wolfgang Goerlich, advisory CISO with Cisco Security. “They’re doing better than we would’ve anticipated.”

Overall, the numbers indicate small businesses are placing a stronger focus on security over time. The same sentiment is echoed in data from The Manifest, which recently released results from a survey of 383 smaller organizations, most of which had fewer than 50 employees.

Goerlich attributes the rise in public scrutiny to two factors. One is the realization of supply chain and third-party risks, which are prompting customers to ask more questions. Even small suppliers selling tools are getting hit with inquiries more often. Another is the trickle-down effects of regulation and compliance requirements, which usually affect larger vendors first and then are passed down to smaller suppliers. Now, they’re reaching the SMBs surveyed here.

“If you’re a customer, your voice alone may not move the needle … but the voices of multiple customers move the needle in a significant direction,” he says of the rise in inquiries. Requirements for today’s SMBs are issues that enterprises were struggling with six years ago.

Read the full article here: https://www.darkreading.com/perimeter/smb-security-catches-up-to-large-companies-data-shows/d/d-id/1337725

Wolf’s Additional Thoughts

One thing I’ve long called for is companies to demand more from their vendors, in terms of security. This creates market pressure. This ties security to revenue. And ultimately, these steps result in improved security because customer demand results in executive support for security teams.

Good security delivers a business result and, in doing so, increases the security posture. Here, the business result is keeping existing customers and attracting new ones. The last six years has seen this call turn into a reality.


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category. Do you want to interview Wolf for a similar article? Contact Wolf through his media request form.