Under half of SMB security issues are related to encryption, research reveals

Research conducted by Alert Logic revealed that small and midsize businesses (SMBs) are more vulnerable to attacks targeting their weaknesses. 

In its new report, Critical Watch: SMB Threatscape 2019, researchers analysed more than 1.3 petabytes of data and 8.2 million verified security incidents across 4,000 organisations of all sizes. 

It was discovered that 66% of SMB devices run Microsoft OS versions that have expired or will be expiring by January 2020 –  to which the majority of the devices scanned were running Windows versions more than 10 years old. 

It was also discovered that more than 30% of SMB email servers operate on unsupported software. Almost a third of the top email servers detected were running Exchange 200, which has been unsupported for nearly 10 years. 

Onkar Birk, senior vice president of product strategy and engineering at Alert Logic commented:

“The continued lack of skilled cybersecurity professionals affects organizations of all sizes, and small and midsize businesses are at greater disadvantage because they can’t scale like large organizations can.

“These organizations will greatly benefit from partnering with providers who can augment their limited teams with threat intelligence and experts to be more secure and compliant.”

The report identified that configurations remain an issue despite automated patching help reduce the frequency of vulnerabilities. As a result 13 encryption-related configuration issues accounted for 42% of all security issues found. 

“Alert Logic’s research confirms that SMBs would benefit from more cost-conscious security options to take some of the responsibility off their shoulders,” continued Birk. “That’s our mission. We aim to bring the level of security traditionally afforded to the Fortune 500 to businesses of any size.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.