Reeling in the Big Fish: How Information Security Drives SMB Growth
By Brian Burch, Vice President of Americas Marketing for SMB at Symantec
Most people agree that small- to medium-sized businesses (SMBs) are a significant source of the innovation that fuels growth, but a lesser recognized fact is the critical role of start-ups in economic recovery. A new report from the Kauffman Foundation indicates that the pace of recovery in hiring and job creation since 2008 is stronger in newer firms – 4 out of every 10 hires at young firms are for newly created jobs.
Supporting small businesses, established and new, in their development and growth is germane to the economy. A major part of small businesses’ success now and in the future will increasingly derive from their business relationships with large corporations. More large enterprise and public sector organizations are turning to small businesses to outsource many of the operations and services that they used to handle in house. The typical U.S. multi-national corporation purchases goods and services from more than 6,000 small businesses; purchases a total of more than $3 billion in inputs from these small businesses; and relies on these small business suppliers for more than 24 percent of its total input purchases, as noted by the House Small Business Committee. It’s a reality of the economic times; large companies have significantly downsized their staff but they still have to deliver results, so small businesses have become a source of manpower and innovation. Small businesses that understand this are increasingly finding that they are “fishing in a stocked pond” when it comes to hunting large new clients.
The modern start-up is smart, tech-savvy and agile, but in spite of their business prowess, they or their IT department may very likely neglect a key aspect of their growth plan: beefing up their cybersecurity. A lax attitude toward security — or relying on consumer-grade protection instead of commercial-grade security — can hinder a company’s chance for growth through contracts or partnerships with large public or private concerns. Why? Large companies have become wary of the risks represented by connecting with and sharing confidential information with smaller companies who are not properly protected. Their concerns are extremely valid: targeted attacks aimed at small businesses with 250 or fewer employees have doubled this year, increasing from 18 percent of all targeted attacks in 2011 to 36 percent in the first half of 2012.
Small businesses are no longer on the periphery for hackers, but are increasingly a major focus for them. The reason is two-fold: (1) hackers have organized and formed major crime syndicates, looking for easy money and company secrets that will bring in revenue and (2) hackers have identified small businesses as stepping stones into bigger, more lucrative targets. Cybercriminals aren’t stupid— they realize that most large companies take security seriously and their front door is usually locked and reinforced, making it hard to slip in undetected. But the bad guys don’t give up there. Instead, they poke around out back, rattle door knobs and try to work their way in. This approach is working – 41 percent of data breaches studied in the Ponemon 2011 Cost of a Data Breach Report were caused by a third party, which can include when protected data is in the hands of outsourcers, cloud providers and business partners. Cybercriminals leverage the vulnerabilities of a trusted partner to open the back door and wait patiently for the opportune moment to strike, and then waltz off with high-value data. Nothing can destroy a small business faster than if it becomes the gateway to a major client or a partner’s data.
This trend is making larger companies extremely nervous about engaging with smaller partners. The last thing a large company wants is to fall victim to a massive data breach because a 27-person company didn’t lock the back door. As a result, they are now writing language into contracts demanding partners have top-level security. It’s an abrupt wake-up call to small businesses and one that all those attending buyer-seller events produced by Business Matchmaking, the leading small business public-private procurement partnership, have heard loud and clear.
“There is a growing insistence by government agencies and major corporations that small business contractors demonstrate higher levels of security to protect information critical to all. Whether it is taxpayer or shareholder interest, those entrusted in spending have raised the bar to an unprecedented level of concern with regard to the security of those firms they deal with,” said Chuck Ashman, Business Matchmaking’s CEO and executive producer.
If you want to fish where the big fish are biting, your line must be able to bear the weight of your catch— smaller companies that use commercial-grade infrastructure are landing some pretty big fish. Ultimately this means more jobs. In fact, in the U.S., small employers added 2.6 million jobs since the current recovery began three years ago, according to ADP Employment Report figures. With the right gear in their tackle-boxes, small businesses both established and start-up are poised to deliver the growth our economy needs to get us back to pre-recession levels.
Learn about Symantec solutions for small business.