Enterprises and SMBs need security support, says Kaspersky Lab

From the smallest business to the biggest enterprise, every company needs to combat security risks – but when resources are limited, the effort can be challenging. Increasingly, organizations are employing full-time security staff to help spearhead sensitive data management and protection initiatives. A recent study by Kaspersky Lab, titled “Lack of Security Talent: An Unexpected Threat to Corporate Cybersafety,” found that nearly half of organizations report they’ve simultaneously encountered a growing demand for security specialists, as well as a talent shortage for trained professionals.

The reasons driving companies’ growing interest in security expertise are clear. According to Kaspersky, large organizations that are unprepared to face security crisis situations pay between $1.2 and $1.4 million in recovery costs, which is a major jump from the $100,000 to $500,000 paid by businesses that have in-house security staff. The price of hiring external support to recover from such incidents is a major factor driving those costs up.

The difference between SMB and enterprise security experts

Hiring a security expert is just as effective at alleviating data breach recovery costs for SMBs as it is for their enterprise counterparts. However, taking on a new staff member – particularly one with security-focused training and higher education, which Kaspersky found was a key factor in such new hires – isn’t always a realistic option for smaller businesses.

With or without expanded security teams to guide the efforts, many organizations are now investing in security intelligence solutions, which can help track evolving threats and decrease the amount of time spent on recovery. According to Kaspersky, top factors driving the need to expand a focus on security intelligence include:

If hiring an expert isn’t in the cards for your company, yet consider how gaining visibility into stored data would help your existing team tackle the above issues. Solutions such as data-aware technology can help protect sensitive information from threats, avoid breaching compliance regulations and simplify IT infrastructure. And if your team does bring on new security experts, these factors should serve as a to-do list for those hires. With those leading issues out of the way, your security team can spend more time focused on proactive protection and recovery.

Learn more tips to help midsize organizations avoid security threats.

  Like This
Andrew Hay

Andrew Hay

With over 15 years of data security experience in various roles inside organizations as well as advising them, Andrew serves as the chief information security officer at DataGravity. He is responsible for the development and delivery of the company’s comprehensive data security strategy. Prior to DataGravity, Andrew was the director of research at OpenDNS (acquired by Cisco) and the director of applied security research and chief evangelist at CloudPassage.