There's innovative work being accomplished by small and medium-sized businesses (SMBs) today serving our Defense Industrial Base (DIB). Their inventions and technologies are critical to our national defense and advance our country's strategic and economic interests.
Not surprisingly, these inventions and technologies are of high interest to other nations. As a result, they are being specifically targeted by nation state cyber-espionage units and cyber criminals.
Are SMBs in the DIB ready to withstand these extremely advanced and motivated threats?
To answer this, we surveyed 423 IT practitioners at companies with 101 to 250 employees, and for whom a significant portion of their business comes from defense contracts with government agencies.
Following are the top findings from our "DIB Cybersecurity Maturity Report | 2024", findings that unfortunately point to an answer of “No”.
25% are making cybersecurity a very high priority in their company while 36% are making it a high priority. In other words, three out of five respondents are taking action to better protect themselves from attack. The remainder are placing a medium or low priority on cybersecurity, which may be to their detriment.
Many respondents find their threat hunting (37%), incident response (35%), vulnerability management (33% tie), and threat monitoring (33% tie) highly effective. However, many more report low to medium effectiveness in their approach to threat investigation (61%), threat monitoring (56%), and threat hunting (54%). These SMBs are leaving themselves exposed by not having effective tools and processes to proactively understand how, when, and by whom their systems have been compromised.
In addition to being less effective at threat investigation, monitoring, and hunting, over half (59%) say it would take a week or more to detect a threat in their environment — a time in which a malicious actor could already cause irreparable damage. Also, 64% say it would take two days or longer to respond to ransomware or a breach and 39% said they would not be surprised to experience a ransomware attack.
Even just one security incident or data breach can be incredibly costly to an organization, both financially and reputationally. Nearly half (46%) have had cybersecurity-related incidents that cost their company $100,001 or more; of those, 12% report that cost to be more than $500,001.
User account or email compromise, such as through phishing, is a common tactic that many of our respondents fell victim to: over half (60%) reported that four or more of their user accounts or emails had been compromised just in the past year. Additionally, 59% had four or more of their endpoints compromised in the past year.
Some of the bigger cybersecurity challenges today include protecting sensitive data from breaches and leaks, managing a limited budget and resources for comprehensive cybersecurity measures, and keeping up with evolving cyber threat landscapes. However, the largest segment (58%) said they're most challenged by implementing and maintaining compliance with regulations that apply to their role in the DIB, including Cybersecurity Maturity Model Certification (CMMC).
Many of our respondents are using outsourced providers to help improve and manage their cybersecurity efforts. However, they're running into challenges that could continue to put them at risk. The biggest drawback to outsourced providers is their inadequate response time to security issues and incidents. Other challenges include limited support for compliance or CMMC management, and a feeling that the overall value delivered is too expensive.
82% plan to change their outsourced security provider in the next year. So what are they looking for? The top capability they want is a provider with a deep understanding of DIB requirements — especially when their top challenge above was staying in compliance with the DIB's CMMC requirements. They’re also looking for providers with quality staff and comprehensive services.
Eight out of ten survey respondents say they have started the CMMC process. However, only 13% are compliant with Level 1 and 11% are compliant with Level 2. Considering this is their biggest challenge as mentioned above, these progress numbers reflect the need for guidance through the process and a service provider with a deep understanding of DIB requirements.
In looking forward, respondents have several priorities they want to focus on to ensure their IP, data, and assets are being protected. The top priority is strengthening access control policies and enforcement around sensitive data. Other priorities include achieving or advancing compliance requirements and deploying multi-factor authentication across most or all systems.
Improving the State of Cybersecurity in the DIB Today
Nation-states around the world will only continue to target SMBs. But with the right tools, technologies, and expertise, SMBs can strengthen their security today to become much harder to compromise. It won't just keep their innovation safe — it will keep our nation safe as well.