Ponemon Institute: Management uncertainty, lack of security expertise put SMBs at risk

ponemoninstituteNew research conducted by the Ponemon Institute on behalf of Sophos shows that small and mid-sized businesses (SMBs) face significant risk due to management’s lack of awareness and low prioritization of cyber security.

The survey results from the Risk of an Uncertain Security Strategy report offer revealing and sometimes disconcerting insights into the state of security for SMBs.

Security challenges facing SMBs

The survey of 2,000 IT professionals globally found that 58% believe management does not see cyber attacks as a significant risk to their business—despite the fact that 51% of SMBs experienced data loss or exposure in the past 12 months.

Along with a lack of awareness by senior management, 44% of respondents said cyber security is not a priority issue for the organization. Meanwhile, 42% said insufficient budget is a serious challenge, and 33% said a lack of in-house expertise hampers their ability to have an effective security posture.

ponemonsecuritychallenges

Who’s responsible for cyber security?

Many SMBs lack coordination in their approach to cyber security. Among respondents to the Ponemon Institute survey, 31% said there is no one person responsible for setting security priorities. Chief executives are rarely involved in setting security priorities, lending to their lack of awareness about risks.

ponemonsecuritypriorities

Read the Ponemon Institute report
Click here for the full survey and our recommendations for SMBs (PDF):

ponemoninstituteThe Risk of an Uncertain Security Strategy: Study of Global IT Practitioners in SMB Organizations

3 thoughts on “Ponemon Institute: Management uncertainty, lack of security expertise put SMBs at risk

  1. Pingback: Advanced persistent threats: What they are, what they aren’t | Sophos Blog

  2. Pingback: Target data breach: What retailers and consumers can do | Sophos Blog

  3. Pingback: Keep your website secure from exploit kits and hacker attacks (Video) | Sophos Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s