73% of SME security pros missed or ignored critical alerts

Small and medium-sized enterprises (SMEs) IT staff is overwhelmed by the complexity and demands of managing multiple tools in their security stack, leading them to miss critical severity events and weaken their company’s security posture, according to Coro.

The survey was conducted with 500 U.S. cybersecurity decision makers in companies of 200 to 2000 employees across a broad variety of industry sectors. SME and midmarket companies are facing increasing volumes and complexity of cyberattacks, yet lack the resources and expertise for adequate defense.

Overwhelmed IT staff in SMEs

Cybersecurity is typically handled by a company’s IT staff, who become quickly overwhelmed by the complexity and responsibilities of managing their company’s cybersecurity program.

According to the survey, 73% of SME security professionals have missed, ignored or failed to act on critical security alerts, with respondents noting a lack of staff and a lack of time as the top two reasons. Respondents gave feedback on the most time-consuming parts of their day, including monitoring security platforms, managing and updating endpoint devices and agents, vulnerability management or patching, and installing, configuring, and integrating new security tools.

SMEs juggle too many cybersecurity tools

Respondents spend an average of 4 hours 43 minutes managing their cybersecurity tools every day, with an average 11.55 tools in their security stack. 52% of respondents said the most time-consuming task was monitoring security platforms, followed by vulnerability patching.

Respondents estimated it takes 4.22 months for a new cybersecurity tool to become operational, with equal time spent on installation, configuration, training staff, and integration with their existing security stack. On average, respondents manage 2029.91 endpoint security agents installed across 655.92 endpoint devices. 53% of respondents must deal daily or weekly with vendors’ updates of these endpoint agents.

The workload complexity facing security professionals, and the overwhelming demands it places on already limited resources are driving SMEs and midmarket companies to consolidate their cybersecurity tools. 85% of respondents say they want to consolidate their tools in the next 12 months. The most important benefit cited was improving their security posture.

“SMEs are stuck in a cybersecurity hell, constantly overwhelmed by the thousands of alerts generated by their enterprise security tools that do not fit,” said Guy Moskowitz, Coro CEO.

“The reality is that enterprise security tools – designed for large teams with endless resources – have failed SMEs. With limited staff, SMEs struggle with the complexity of managing their security, torn between budget constraints, limited resources, and the need for much better security coverage — this is mission impossible. The most effective way for SMEs to escape this cybersecurity hell is to adopt a single platform that covers the entire security span and is designed to reduce workloads through one dashboard and one endpoint agent,” Moskowitz concluded.