They may be smaller than their enterprise peers, but the security problems at small and mid-sized businesses can be just as large and significant, solution providers say.
While recent mega breaches at larger organizations, such as the Office of Personnel Management, Experian, Hilton and Excellus Blue Cross Blue Shield might garner lots of media attention, partners say their SMB clients face the same threats – but are relying on shoestring budgets to defend against them.
For example, Matt Johnson, CEO of Millersville Md.-based security solution provider Phalanx Secure, said he recently got a call from a four-employee health care client that had been hit with a data breach. While the client had only about 40,000 records, compared to the 10.5 million exposed in a September breach at Excellus, Johnson said the company is held to the same regulations and expectations as its enterprise peers.
"They have real-world concerns because everything is the same for them [as with an enterprise]. They have the same types of information, just fewer records," Johnson said.
Johnson's client is not alone. According to a 2015 survey of 1,000 small-business owners by Bank of America, more than 1 in 10 reported having been the victim of a breach.
Johnson said he’s now getting more calls than ever from companies with 50 to 200 employees that might have ignored security concerns in the past but are now looking to invest in security.
"They are just as concerned," Johnson said.
However, the challenge for many small and mid-sized businesses is that they might not be able to shell out the same hundreds of thousands -- or even millions -- of dollars that an enterprise might on its security portfolio.
According to Webroot's 2015 SMB Threat Report, 59 percent of SMBs said they believed they were at a "disadvantage to better-funded enterprises with more resources." Only 15 percent said they strongly believed they were as prepared as an enterprise might be against a cyberattack.
As a result, 63 percent of the IT decision makers surveyed said they did not feel completely confident in their ability to protect their businesses from security threats.
For partners, that means a huge revenue opportunity. Of the more than 150,000 partners in the market, more than 96,000 serve the small business market, according to data from The Channel Company, the parent company of CRN. Less than half -- around 41,000 -- of those partners said they already have security practices.