Small and medium-sized businesses across New Zealand remain exposed to the rising tide of security attacks impacting the market, with many unprepared to handle an all-out cyber breach.
Despite the big name hacks dominating the news - think Sony Pictures, Staples, Home Depot and Target to name a few - attacks on smaller organisations are increasing both at home and overseas, and stand to potentially impact 97 percent of all New Zealand enterprises.
To be precise that’s 459,300 businesses from the top of the North Island to the bottom of the South, incorporating zero (no employees), micro (1-5 employees) and small (6-19 employees) enterprises.
“Many SMBs are keeping their head in the sand, but any computer is a target, if for nothing else, the computer power or to hold for ransom,” says John-Paul Sikking, Head of Security, Cisco New Zealand.
“Also in recent years we’ve seen attacks on small business as a stepping-stone to a much larger target.”
As such, Sikking - who spoke at the recent Reseller News Roundtable: The Changing Face of Security - believes New Zealand partners have a strong role to play in the security space, and stand to capitalise as smaller organisations seek trusted advisers in the year ahead.
From a channel perspective, Sikking says the Kiwi market has witnessed a “large shift” in the partner eco-system to managed service providers and cloud brokers.
“This has been clear through vendors such as Cisco, Microsoft and Amazon moving our businesses to help deliver products and services to enable our partners in this market,” Sikking adds.
In directly addressing the Kiwi reseller community, Sikking believes the top performing security partners in 2016 will be the ones willing and able to embrace channel change.
“2016 should see the continuation of the evolution of security partners to business advisors, where the channel partners are getting to understand their customers’ businesses and advising on strategies and technologies that will help them manage their business,” Sikking adds.
“I hope to see our partners change their understanding of the threat landscape, where they can team this knowledge with the customers’ vulnerabilities and deliver a robust service to discover, block and remediate attacks.”
Sikking’s comments are in line with the recently released Cisco 2016 Annual Security Report, which cites SMBs as a potential “weak link” in the security chain.
As more enterprises look closely at their supply chain and small business partnerships, they are finding that these organisations use fewer threat defence tools and processes.
But perhaps crucially, SMBs’ view of their businesses as targets of cybercriminals may demonstrate a gap in their perception of the threat landscape.
As illustrated in the report, 22 percent of businesses with fewer than 500 employees do not have an executive with direct responsibility and accountability for security because they do not view themselves as high-value targets.
While the report officially classes SMBs are 250-499 people - which is large for New Zealand - Sikking believes the overriding point applies to smaller Kiwi businesses.
“Across the board, these SMB organisations have less confidence in securing their organisations and they report using less tools and processes to defend their networks,” Sikking adds.
“It’s impossible to say what is the right percentage or amount of money to spend, however security spending should be commensurate with the value of the asset that is being protected.
“In New Zealand I think that organisations, especially SMBs, are a little light on managing the risks to their organisations.