Small organizations confident they're secure, yet lack plans

Share this article:

A new study of small businesses shows that while a majority believe they have a good handle on protecting sensitive data, most lack back security measures, notably policies and procedures.

Eighty-six percent of the 1,015 businesses (250 employees or fewer) that were polled in the survey, commissioned by the National Cyber Security Alliance and security firm Symantec, said they are "satisfied" with the level of security they have in place to defend customer or employee data. And seventy-seventy percent believe their company is safe from breaches.

However, 87 percent of respondents have not written a formal security policy for employees, 83 percent lack any security blueprint at all and 59 percent have no plan in place to respond to a security incident.

Meanwhile, hackers are more frequently placing small and midsize (SMB) organizations in their cross-hairs. The 2012 "Data Breach Investigations Report" from Verizon, considered the industry's gold standard for determining the breadth of cyber attacks, found that businesses with fewer than 1,000 employes are increasingly being targeted by mass, automated attacks in which malware is installed on their vulnerable systems.

Many mom-and-pop shops lack the funding to implement large-scale security defenses -- and most handle security and website management in-house -- but there are free resources available, including from the Federal Communications Commission.

Ellen Richey, chief enterprise risk officer of Visa, visited the Nasdaq stock exchange last week to promote security awareness among SMBs.

"Small business owners have an important role to play as well," she wrote in a blog post after. "Data security is fundamental to securing payments and maintaining customer trust. The best advice I can give to small businesses is: Be proactive. Don't wait until you have had a breach or lost valuable data to take stock of your company's data security practices. Make security a priority and start by taking common sense measures to make your cyber security as strong as the padlock you put on your store's front door."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.