Although
awareness is high, small to midsize businesses don’t consider themselves
targets of cyber-attacks, according to findings of Symantec’s 2011 SMB Threat
Awareness Poll. As a result, they are not implementing the proper safeguards to
protect their information.
The
SMB Threat Awareness Poll examined the awareness levels of SMBs regarding the
dangers of security threats, and how well they are prepared to defend against
them.
The
survey shows that more than half of SMBs are familiar with many different security
threats to the business, including targeted attacks, keystroke logging and the
risks that come with using smartphones for company business. More than half (54
percent) stated that malware would cause a loss of productivity, and 36 percent
recognized that hackers could gain access to proprietary information. In
addition, respondents said a targeted attack would impact the business.
Forty-six percent stated that a targeted attack would cause a revenue loss, and
20 percent said it would drive customers away.
Although
SMBs know the dangers of cyber-attacks, they don’t feel they are at risk. In
fact, half of SMBs think that because they are a small company, they aren’t in
danger—it’s primarily large enterprises that have to worry about attacks, they
believe.
This
is in direct contrast to the evidence. According to data from Symantec.cloud,
since the beginning of 2010, 40 percent of all targeted attacks have been
directed at companies with fewer than 500 employees, compared with only 28
percent directed at large enterprises.
Because
SMBs don’t see themselves as targets, many of them are failing to take basic
precautions to protect their information. While two-thirds restrict who has
log-in information, 63 percent don’t secure machines used for online banking,
and 9 percent don’t take any additional precautions for online banking. More
than half (61 percent) don’t use antivirus on all desktops, and 47 percent
don’t use security on mail servers/services.
“Our
research shows that SMBs are quite vulnerable to cyber-attacks, and it’s more
important than ever for them to take steps to keep their information
safe," said Steve Cullen, senior vice president of worldwide marketing for
SMB and .Cloud for Symantec. "Even with tight budgets and limited
resources, simple changes such as education and best practices can
significantly strengthen an SMB’s security approach to cyber-attacks."