Businesses Might Change Providers Over Cybersecurity Shortfalls: Survey

Nearly 90% small- and medium-sized businesses would consider switching managed service providers for the right cybersecurity solution, according to research focused on major MSP cybersecurity risk and revenue opportunities.

The research, “Underserved and Unprepared: The State of SMB Cyber Security in 2019,” conducted by Newbury, England-based Vanson Bourne on behalf of Boston-based intelligent software platform Continuum, drew on 2019 data collected from 850 SMBs across the United States, United Kingdom, France, Germany and Belgium.

Due to a high level of concern, SMBs feel the need to protect nearly every aspect of their business. The majority of SMBs want to protect company finances, customer data, customer facing applications, HR records and employee data, and internal applications.

“No business is too small to evade a cyberattack or data breach. Unfortunately, small- and medium-sized businesses may lack the in-depth tools and in-house expertise to harden their systems and networks against potential threats,” the report suggested.

The research in the U.S. found MSPs are at risk of losing their SMB clients if they don’t provide competitive, comprehensive solutions. Beside the 89% of SMBs surveyed that would consider hiring a new MSP, 24% had already changed MSPs in a cyberattack’s aftermath.

To make matters more challenging for MSPs, three in four SMBs who do not currently outsource cybersecurity would still hold their provider accountable in the event of a cyberattack.

“We have seen first-hand that the number one reason MSPs lose business today is over concerns about cybersecurity, and this data now proves it,” Michael George, CEO, Continuum, said. “Providers across North America and Europe should heed the clear warning presented by these findings. Businesses expect to be protected by their MSPs, and are ready to pay more for that protection – whether from their existing MSP, or by switching to a provider that promises a better solution.”

The report discovered MSPs that attempt to compete on price are likely to find that this will not be enough to retain clients concerned about cybersecurity. SMBs planning to change providers are willing to pay about 25% for the right cybersecurity offering. Nearly half of all SMBs surveyed in the U.S. (47%) would pay at least 20% more for the right cybersecurity solution from a new provider.

While this research highlighted the risks for MSPs who don’t meet the security demands of SMBs, it also paints an optimistic picture for those MSPs who do offer and sell effective cybersecurity services. SMBs recognize the need for cybersecurity, and are ready to work with and invest more with MSPs to get the right levels of protection. Seventy-seven percent of SMBs anticipated outsourcing at least half of their cybersecurity needs within five years, and 78% are planning to invest more in cybersecurity in the next 12 months.

“SMBs are not just looking for cybersecurity protections, they are ready to invest more to protect their businesses,” Brian Downey, senior director, security product management at Continuum, said. “When MSPs get cybersecurity right, they stand to not only win business from providers that don’t, but also increase their revenue streams from their SMB clients.”

The research revealed a lack of education and understanding has led to lower levels of advanced protection within SMBs, which in turn leads to attacks on these businesses becoming more commonplace. “It is important to establish the areas where SMBs need protection, and where there are potential pitfalls in order for managed IT service providers to appropriately support them.”