Studies suggest cyber-security overconfidence in small/medium businesses

In a recent survey by Symantec and the National Cyber Security Alliance (NCSA), most small and medium-sized businesses participating felt they were safe from cyber threats, although just 17% of the 1,015 companies had a formal plan for cyber security.  Other contradictory items:

  • Although 77% recognized that strong cyber security was important for their brand, 59% had no plan on how to respond to a data breach.
  • Only 13% had a written Internet policy, but 62% believed that their employees knew the company’s Internet policy and practices.

 

Visit Small biz survey: No cybersecurity plans — no worries. What? for the full CNet article by Charles Cooper.

 

In a separate survey during the fall of 2011, research firm Opinion Matterspolled 200 IT decision makers working in companies of five to 250 employees.  Although almost 88% had web-monitoring/filtering software, over 40% of respondents have had a security breach due to unsafe web browsing.

 

Visit 40% of SMB have had a security breach due to unsafe Web surfingfor the full ConnectIT article by Mark Cox.

 

Both studies suggest that these businesses are not as secure as they think.

October is National Cyber Security Awareness Month (NCSAM)

According to the National Cyber Security Alliance (NCSA), October is the month to promote Cyber Security Awareness, which “…encourages people to do their part to make their online lives safe and secure.”

 

The NCSA’s philosophy is that safe browsing is a shared responsibility: “Everyone has a role in securing their part of cyber space, including the devices and networks they use.”  NCASM provides a focal point for participants to educate others about safe and secure usage.  Its three-part mantra:

  • Stop – Understand the risks and learn how to spot potential problems
  • Think – Consider how your usage of the Internet could impact others
  • Connect – Proceed with confidence now that you know what to expect

 

The official presidential proclamation states that NCASM is the time to “…recommit to ensuring that our information and infrastructure remain secure, reliable, and resilient”.

 

Business users may visit Keep My Business Safe for details on how to secure their businesses.  There are safety tips for individuals and some free security-checkup tools.