Why businesses would rather lose revenue than data

IT is a crucial component for small to medium-sized businesses (SMBs), but these organizations are under-investing in necessary talent and technology. As IT problems continue mounting, SMBs struggle to handle them effectively, according to a new study from Logically.

While 93% of SMBs identified IT as strategically and operationally critical, more than half (66%) of business decision makers said their current IT isn't keeping pace with expanding technological needs, Logically's 2019 Small and Midsize Business IT Study found.

SEE: Six ways to help your IT staff learn the business (free PDF) (TechRepublic)

The report, released on Wednesday, was conducted by Wakefield Research and surveyed 250 business decision makers and owners of companies with annual revenue between $5 million and $50 million. Data remains vital to businesses competing in the current digital age: Some 60% of business decision makers said they would rather lose half of their companies' revenue growth for next year than lose half of their companies' data.

"There are a few reasons why data is so invaluable to companies. Firstly, revenue is replaceable-whereas data is not. Any lost data will most likely result in lost revenue as well," said Christopher Claudio, CEO of Logically. "Then, there's the reputational damage that can come with data lost due to a breach, especially when it involves sensitive or regulatory protected data (ePHI, PCI, etc.). Finally, data often times equals IP or competitive advantages for businesses. So, any data loss that includes a company's 'secret sauce' can propel competition light years ahead."

Businesses use their companies' data to gain valuable insights about their organization, discovering patterns and trends in the data that help guide and inform critical business decisions. While data breaches can impact any-sized business, SMBs have historically faced greater challenges recovering from these breaches, as they don't typically have access to the robust resources large companies can afford.

This gap still exists: Some 42% of business decision makers at larger companies reported at least 25% of their companies' strategic planning discussions were focused on IT, while only 9% of SMBs said the same.

In the past 12 months, SMBs most experienced system downtime (66%), system slowdowns (64%), and cybersecurity breaches (28%). The cybersecurity breaches these professionals were most concerned about included cloud security (52%), computer viruses and malware (50%, and internet data leaks (49%). These were closely followed by hackers (47%), password vulnerability (46%), and phishing scams (42%).

A big reason for cybersecurity issues is the lack of IT talent in SMBs, the report found. Half of businesses said they only provide a one-time security awareness IT training to staff. To solve for the skills gap, a third of companies (33%) said they currently outsource some of their IT activities, and another 40% said they plan to do so.

Regardless, SMBs need a plan. "With regards to addressing security concerns, it's important to have several layers of security so that there's no way an outside 'silver bullet' can penetrate a system," Claudio said. "Making sure staff are aware of potential security threats, like phishing scams, is also crucial as they will usually be your first line of defense. Patch management and vulnerability assessment are also mission critical."

When looking for an IT solution, the report identified three clear options for SMBs: Building up their in-house team, augmenting their team, or totally outsourcing their IT.

"To support business continuity, it's important to have a great backup and disaster recovery program including off-site data copy in the event of an emergency," Claudio noted. "Again, making sure you have access to the right IT resources and skill sets by utilizing a trusted outsourced service provider is essential."

For more, check out Budget constraints pose the highest threat to SMB IT security on TechRepublic.

Also see