The National Cybersecurity Alliance estimates about 60% of small businesses shut down within six months of facing a cyberattack.
It may seem like a shocking statistic, but for many of the 8 million small businesses in the U.S. operating with thin margins, it’s very believable. And though cyberattacks on small businesses have surged 150% from 2020-2021, many believe they lack the financial means (let alone skill sets) to acquire the technology to protect their businesses.
The fact is, small and medium-sized have more options than they realize. We spoke with Dror Liwer, co-founder of end-to-end cybersecurity platform provider Coro about AI’s place in cybersecurity and how it can nullify both the financial and skill barriers small and mid-sized businesses wrestle with to adopt a cybersecurity program.
What are the top cybersecurity challenges that plague SMBs?
SMBs are lacking a lot when it comes to cybersecurity and are facing unique pressures in light of current economic times... to the point where most are overwhelmed and unable to focus on cybersecurity. If I had to boil it down to three, though, I’d say increasing threat prevalence, lack of resources, and compliance struggles are the biggest challenges.
Criminals are targeting SMBs with increasing velocity and sophistication. With tactics like ransomware, business email compromise, and other schemes, hackers are looking to make a quick buck as fast as possible without getting caught. Because SMBs historically don’t have as strong a security posture as bigger companies, they are sitting ducks. In fact, many SMBs are completely unaware of just how at risk they are.
To put it into perspective, our own research shows that a company with 1,000 employees is attacked 56,000 to 86,000 times per year. That’s roughly five to seven threats per employee per month. Adding to this equation: nearly half of all SMBs don’t have a cybersecurity budget and there is a severe shortage of skilled cybersecurity talent. Without the skill, budget, or access to technology that big companies have, SMBs are left with few defenses.
SMBs also struggle with compliance. Whether they have the tools in place or not, SMBs are held accountable to the same data privacy standards (such as GDPR and the FTC’s Safeguard Rule) as larger enterprises. However if there is a breach, the relative cost is much greater for smaller companies who may not recover from steep regulatory fines, lawsuits, or loss in customer confidence.
How could AI help these organizations overcome those challenges?
As attacks become more sophisticated, so too must the technology we use and AI can be extremely beneficial.
AI can help relieve the pressure that SMBs feel when it comes to cybersecurity; it’s a way to do more with less. AI-powered tools can be especially useful for companies who have lean security teams (or none at all), alleviating the burden involved with manual processes, freeing up time to focus on more strategic work, and making cybersecurity processes more effective and efficient.
AI- and ML-based tools raise the effectiveness up to 92%, whereas legacy technology may only stop 30% of threats. AI can slash the time involved in identifying and remediating a breach. AI-powered tools can analyze data and discover patterns and behavioral flags without the need for data scientists, removing the need to hire in-house expertise. AI can also help streamline incident logging and compliance reporting. It has added benefits of reducing employee burnout, boosting productivity, and improving accuracy by minimizing human error and false positives.
What are the barriers to entry for AI solutions?
Despite AI being front and center over the past year, most SMBs remain skeptical. The term itself can be intimidating to smaller companies and most say they are hesitant because of cost, difficult implementations, and a lack of in-house expertise to manage it. There is also a tendency for smaller companies to perceive AI as something that is only accessible to and benefiting big companies. All of these myths really boil down to SMBs not fully understanding AI’s potential. With a better grasp of the value and flexibility that AI can provide, we’ll see more small and mid-market companies start to embrace it.
How do you see the use of AI technologies evolving in 2023 for cybersecurity?
I think that 2023 will be the year where we see SMBs make a lot of progress in accepting AI as a valid cybersecurity method, and test it out within their own organizations with great success. AI will become a critical component of any proactive cybersecurity effort. As data grows exponentially, so does the threat landscape – and there is only so much that humans can keep up with. AI-powered cybersecurity tools can comb through immense amounts of data instantaneously to detect threats and prioritize response based on real-world risk.