A new report has found that despite the growing adoption of advanced cyber security tools, SMBs are still vulnerable to long-lasting security breaches compared to enterprise organizations. 

The report released by Infocyte claims SMBs are more vulnerable due to the lack of IT staff needed to detect and respond to security threats. 

Threats from April to June 2019 were analyzed, reviewing over 550,000 forensics inspections on systems across hundreds of customer networks in the mid-enterprise business sector. The results? Unsettling. 

22% of SMBs claim their networks have experienced a ransomware attack that evaded preventative security controls. Fileless malware attacks were also reported to be on the rise. 

The average attack dwell time (time between an attack penetrating a network and being discovered) for SMBs ranged from 43 to 895 days. The average dwell time for confirmed, persistent malware was 798 days. The dwell time for riskware averaged 869 days. 

Dwell time for attacks involving ransomware were significantly lower, averaging 43 days between infection and remediation due to the nature of how ransomware informs its victims. 

These figures should serve as a wake-up call for SMBs operating improper CIS Controls. At a minimum, NNT suggests implementing the first six CIS Controls - referred to as the Basic Controls - to protect your organization from the most common and devastating cyber threats. You can learn more about the basic security controls by reading our latest resource: Understanding the Basic CIS Controls - CSC 1 - 6

Join us for our upcoming webinar on CIS Control 5 - Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers - and hear from Tony Sager Senior Vice President and Chief Evangelist of Center for Internet Security and Mark Kedgley CTO of New Net Technologies as they discuss Critical Control #5 and explore an effective SecureOps strategy.

Register now for our upcoming webinar What can we learn about cybersecurity from the Death Star: CIS Control 5 Explained in 30 Minutes

The Most Powerful & Reliable Cybersecurity Products
Contact Us

USA Offices

New Net Technologies LLC
4850 Tamiami Trail, Suite 301
Naples, Florida, 34103

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
[email protected]


UK Office

New Net Technologies Ltd
The Russell Building, West Common
Harpenden, Hertfordshire

Tel: 020 3917 4995
 [email protected]

SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Sans Institute Now Certified IBM Security
Copyright 2021, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.