Cynet 2021 CISO Survey Reveals Need for SMEs with Small Security Teams to Rethink Cybersecurity Strategy

With Fewer Resources, Smaller Security Teams Forced to be Innovative in Dealing with Enterprise Threats  

New York, NY – January 27, 2021 — Cynet ( today announced a new survey titled “2021 CISO Survey of Small Cyber Security Teams.” According to the findings in this survey, companies with small security teams, generally SMEs, are facing a number of unique challenges, placing these organizations at greater risk than their larger enterprise counterparts. These enhanced risks are moving 100% of these companies to outsource at least some aspects of security threat mitigation in order to safeguard IT assets.

In this survey of 200 CISOs at small and medium size enterprises (SMEs) with five or fewer security staff members and cybersecurity budgets of $US one million or less, it was found that a majority of these organizations were overwhelmed by the endless volley of cyber-attacks. This has been due in large part because SMEs are inundated by many of the same threats facing larger organizations, but lack the financial resources, specialist staff, training and proper tools to consistently remediate them. According to the research results in this survey:

•    63% of the responding CISOs felt their risk of attack was higher compared to enterprises, despite the fact that enterprises have a larger target on their back.
•    57% of CISOs admitted that their ability to effectively protect their companies is overtly lower than they would like it to be.
•    57% of companies indicated they do not have enough skill and experience to protect against cyber-attacks.
•    80% of responding CISOs said they would like to invest in more automated security solutions as these companies look for innovative ways to do more with fewer heads.
•    As a result of the aforementioned, 100% of small security teams are outsourcing security mitigation to an external provider with 53% outsourcing to an MDR service and the balance outsourcing to an MSSP provider.

An advantage that organizations with limited security teams have is their understanding of the value that solutions like EDR (Endpoint Detection & Response) provide. 87% of those using an EDR solution said it was valuable. However, the vast majority of respondents (79%) said it took their teams more than four months to finish their EDR deployment and become proficient in using the solution.

The top tactics used by these smaller operations to improve processes was to invest in automated solutions and processes (80%) followed by investments in security training and certifications (61%), consolidation of security tools and platforms (61%), replacement of complex security technologies (52%) and outsourcing to service providers to fill security tool gaps (51%).

“This analysis looks at the reality of how CISOs with small security teams are taking on increasingly larger security challenges,” said Eyal Gruner, CEO and founder of Cynet. “The results of this survey are a rare insight into the inner workings and dynamics of SMEs and a spotlight on how they are responding to the ongoing wave of criminal and state sponsored cyber-attacks.”

Tweet this: @Cynet CISO Survey Reveals Need for Smaller Security Teams to Rethink their Cybersecurity Strategies and Solutions –

To learn more about Cynet:
•    Discover the complete survey on the Cynet blog at:
•    Register for a webinar on the new SME CISO Survey results at:
•    Visit Cynet at
•    Follow Cynet on Twitter at
•    Follow Cynet on LinkedIn at

About Cynet
Cynet 360 is the world’s first Autonomous Breach Protection platform that natively integrates XDR endpoint, user and network attack prevention and detection capabilities with an incident engine that fully automates investigation and remediation actions, backed by a 24/7 world-class MDR service. End to end, fully automated breach protection is now within reach of any organization, regardless of security team size and skill level. For additional information, please visit:


No posts to display