A new report from Action 1 Corp. has found that upwards of 23 per cent, or close to one in four small and midsize businesses (SMBs) are looking to replace their current managed service provider, the result of a litany of frustrations.
The findings, which are contained in the company’s 2022 SMB IT Security Needs Report, which, it says, analyzes the cybersecurity challenges of SMBs and their relationships with MSPs amidst today’s macroeconomic crisis.
Based on polling of 750 SMBs from around the world, the most serious frustration the report revealed revolved around interruptions to business processes.
Action 1, a provider of a remote monitoring and management cloud platform, said in a press release that 48 per cent of respondents complained about performance issues with devices, which was the top factor that would cause them to change.
Another major reason was outages or unplanned system reboots, which were reported by 33 per cent of respondents.
Authors of the report note that “early in the pandemic, the need to quickly shift to remote work caused SMBs to flock to MSPs in droves. However, amidst today’s rising inflation and macroeconomic crisis, SMBs will consider their choice of an IT provider more carefully, with close attention to balancing costs and benefits. Therefore, MSPs cannot expect new business opportunities to simply fall into their laps.
“Accordingly, to stay competitive, MSPs should take a step back and analyze the changing needs and expectations of SMBs. What are their top cybersecurity challenges? How strong do they think their IT security is now? How satisfied are they with their current MSPs, and what issues would lead them to consider moving to another one?”
As for the “cybersecurity challenges of SMBs,” the report notes that:
- 63 per cent of respondents believe their cyber risk is less than large enterprises.
- Despite that, upwards of 81 per cent of respondents experienced at least one security incident during the preceding 12 months.
- The types of attacks most commonly experienced included ransomware, password-based attacks, and phishing.
- The top root causes of these incidents were employees falling prey to phishing (63 per cent and unpatched systems (43 per cent).
- The most commonly cited factor that prevents SMBs from establishing truly robust cybersecurity was the high cost of most IT security offerings, which was named by 65 per cent of respondents.
- Second on the list, named by 37 per cent of SMBs, was that their security tools make it harder for users to do their jobs, so they try to bypass them.
The report also contains four recommendations that cater directly to how MSPs can retain customers and serve them better:
- Offer security plans tailored to the attacks that SMBs most commonly experience. To help SMBs fend off ransomware, phishing and password-based attacks, consider providing robust patch management and timely software updates, password policies, multifactor authentication (MFA), Zero Trust, and secure backups and recovery.
- Improve operational efficiency and service. The top issues that frustrate SMBs about their MSPs, such as performance issues with devices and unplanned outages or system reboots, often result from legacy approaches to endpoint management and uncoordinated work. To avoid losing clients, start by improving your processes.
- Work closely with your customers on their IT security strategy. Most SMBs struggle to locate and implement effective security tools themselves. In particular, they admit that their employees bypass their current controls. Accordingly, MSPs need to work closely with customers to develop effective IT security policies and ensure they are properly implemented.
- Educate SMBs on the nature of contemporary threats. The survey showed that many believe they are at less cyber risk than large enterprises. By disabusing them of these misconceptions and explaining why modern attackers increasingly target small and midsize companies, MSPs can help them assess their IT risks more accurately and make informed decisions about their IT security strategy.
“The severity of the cybersecurity landscape and lack of SMB preparedness represent a big opportunity for MSPs,” said Alex Vovk, CEO and co-founder of Action1.
“To seize it, they need to provide all the services SMBs need, faster and at higher quality, by using modern technologies that enable them to automate their IT routines; perform key tasks like patch management without interrupting the client’s business processes; and manage client endpoints effectively to ensure both performance and security.”