A recent survey of over 700 small and medium-sized businesses (SMBs) across various sectors showed that the widening cybersecurity skills gap is leaving many businesses exposed to threats. While some sectors have high confidence in their in-house cybersecurity skills, others prefer to outsource their cybersecurity to external experts to ensure they are protected.
According to the survey, which was conducted by cybersecurity firm ESET, businesses in the professional services sector are less confident in their in-house cybersecurity expertise, with 26% having slight to no confidence in their ability. A larger percentage of businesses in the financial services sector, at 29%, are less confident in their in-house cybersecurity expertise. On the other hand, businesses in retail, wholesale, and distribution sectors are the most confident in their in-house cybersecurity expertise, with 80% having moderate or high confidence in their security systems.
Meanwhile, 34% of SMBs manage their cybersecurity in-house, while the majority prefer to outsource it instead. Financial services SMBs have the lowest percentage of in-house management, at 28%, while the manufacturing and industrial sector has the highest preference for keeping their cybersecurity management in house, with 33% opting to do so. A total of 58% of SMBs outsource their security, with the majority in the technology and telecoms sector.
However, the report warns that businesses managing their cybersecurity completely in-house may have a false sense of security. Regular third-party security audits are recommended, as well as regular updates to security policies. The report also indicates a growing need for endpoint detection and response (EDR), extended detection and response (XDR), and managed detection and response (MDR) solutions, with 32% of SMBs reporting their use and 33% planning to leverage these technologies in the next 12 months.
It remains unclear which specific business types in the technology and telecoms, manufacturing and industrial, and financial services sectors are prioritizing in-house cybersecurity management and what their specific reasons are. While businesses in certain sectors have higher confidence levels and different approaches to their cybersecurity management, the report suggests that outsourcing to external experts could provide greater protection against cyber threats.