New Study Reveals a Majority of SMBs Lack 24/7 Security Operations To Detect and Respond to Threats

69% of SMBs report their organizations face critical and expanding cybersecurity threats, making 24/7 coverage essential to mitigating cyberattacks

INDIANAPOLIS – July 21, 2022:

Pondurance, a leader in managed detection and response (MDR) services, announced today findings from a commissioned study conducted by Forrester Consulting on behalf of Pondurance. The study found that 81% of small and medium-sized businesses (SMBs) surveyed are monitored by a security operations center (SOC), but most (57%) do not operate 24/7. Considering that 69% of SMBs feel they are facing critical and expanding cybersecurity threats and 75% says cyberattacks have increased in the past three years, the lack of 24/7 coverage continues to put SMBs at considerable risk.

Cybercriminals and threat actors work around-the-clock, with attacks originating from around the world. Therefore, all businesses, including SMBs, need to be always on alert for new threats and available to respond at any moment to an incident. The study, Attackers Don’t Sleep, But Your Employees Need To, explores where SMBs are in their security operations maturity journey. Of those with an internal SOC, 64% has 10 or fewer employees (and almost a third have five or fewer). Those operating a purely internal SOC and attempting to operate 24/7 run the risk of exhausting their employees. 

The right partners are crucial to security operations

Despite critical and expanding cybersecurity threats, SMBs struggle to fill internal security technology and staffing gaps, leaving them with serious resource constraints throughout the threat management life cycle. The study found that the best way for SMBs to seal internal security gaps is through reliance on external partners, especially those that can truly act as extensions of their own teams. SMBs are looking to engage with outside partners that can offer close collaboration during incidents (52%) and fill internal skill gaps (47%). Additionally, the ability of external partners to help round out SMB cybersecurity capabilities not only mitigates risk to the business but also helps satisfy cyber insurance requirements, according to 42% of respondents. 

“SMBs face the same threat landscape as larger companies, but with fewer people and more limited budgets and security expertise. Countering these threats requires an external partner to help,” said Doug Howard, CEO of Pondurance. “What’s impressive about the study’s findings is that SMBs appear to have a firm grasp on the benefits of engaging external partners to help them mature their security operations practices to mitigate risk. But it takes the right kind of partner to ensure that SMBs realize these benefits. Pondurance has developed its security and advisory services with a deep understanding of the needs of smaller organizations for both best-in-class security technology and the people expertise to provide 24/7 cybersecurity coverage. It’s literally our mission to ensure that every organization can detect and respond to cyber threats, regardless of size, industry, or current in-house capabilities.”

The study found that most SMBs lack the internal tools and headcount to continuously monitor and respond to threats. Sixty-seven percent of SMB respondents report that engaging external security operations partners is crucial to maturing their security operations practices. By engaging the right security operations partners, respondents expect to see increased customer trust (49%), reduced risk (47%), increased revenue (45%), improved efficiencies (44%), and increased employee engagement (44%). 

SMBs benefit greatly from managed and consulting services

While very few respondents in this study report struggling with a lack of executive leadership when it comes to cybersecurity issues, respondents report lacking the right tools (36%), bandwidth to work proactively (31%), cyber skills (42%), and employee awareness (41%) to deal with growing cyber threats. 

In response, the study found that SMBs are turning to external partners to elevate their detection and response capabilities. The top tools and services SMBs plan to implement in the next 12 months are Managed Detection and Response (MDR) at 38%, Extended Detection and Response (XDR) at 47%, and Digital Forensics and Incident Response (DFIR) at 48%.

SMBs are also not looking for technology alone to address their needs. When asked about their cybersecurity operations budget allocation, respondents report spending 40% on technology/platforms and 60% on managed and consulting services. The combination of technology and service is important, with technology streamlining the work of existing employees and support services helping to expand team bandwidth and expertise.

Download the complete study here and register to attend our webinar Attackers Don’t Sleep, But Your Employees Need To taking place Aug. 18, 2022 at 3:00p.m. ET with Lyndon Brown, Chief Strategy Officer for Pondurance, and featuring guest speaker Jeff Pollard, Vice President, Principal Analyst, Forrester.

About Pondurance

Headquartered in Indianapolis, Indiana, Pondurance delivers world-class MDR services to industries facing today’s most pressing and dynamic cybersecurity challenges including ransomware, complex compliance requirements, and digital transformation accelerated by a distributed workforce. By combining our advanced platform with our experienced team of analysts, we continuously hunt, investigate, validate, and contain threats so your own team can focus on what matters most.

Pondurance experts include seasoned security operations analysts, digital forensics and incident response professionals, and compliance and security strategists who provide always-on services to clients seeking broader visibility, faster response and containment, and more unified risk management for their organizations. Visit for more information and follow us on TwitterFacebook, and LinkedIn.