New research conducted by the Ponemon Institute on behalf of Sophos shows that small and mid-sized businesses (SMBs) face significant risk due to management’s lack of awareness and low prioritization of cyber security.
The survey results from the Risk of an Uncertain Security Strategy report offer revealing and sometimes disconcerting insights into the state of security for SMBs.
Security challenges facing SMBs
The survey of 2,000 IT professionals globally found that 58% believe management does not see cyber attacks as a significant risk to their business—despite the fact that 51% of SMBs experienced data loss or exposure in the past 12 months.
Along with a lack of awareness by senior management, 44% of respondents said cyber security is not a priority issue for the organization. Meanwhile, 42% said insufficient budget is a serious challenge, and 33% said a lack of in-house expertise hampers their ability to have an effective security posture.
Who’s responsible for cyber security?
Many SMBs lack coordination in their approach to cyber security. Among respondents to the Ponemon Institute survey, 31% said there is no one person responsible for setting security priorities. Chief executives are rarely involved in setting security priorities, lending to their lack of awareness about risks.
Read the Ponemon Institute report
Click here for the full survey and our recommendations for SMBs (PDF):
The Risk of an Uncertain Security Strategy: Study of Global IT Practitioners in SMB Organizations
Advanced persistent threats: What they are, what they aren’t | Sophos Blog
[…] in the IT security world these days, but it’s often misunderstood. According to a recent report by the Ponemon Institute, 33% of IT professionals surveyed are unsure how to define the […]
Target data breach: What retailers and consumers can do | Sophos Blog
[…] and loss of business. A recent study by the Ponemon Institute found that 51% of small and mid-sized businesses experienced data loss in the past […]
Keep your website secure from exploit kits and hacker attacks (Video) | Sophos Blog
[…] Modern businesses these days need a secure, reliable website to conduct e-commerce and communicate with customers and anyone else who might be looking for them online. But many small business websites are especially vulnerable to hacker attacks. […]