Studies suggest cyber-security overconfidence in small/medium businesses

In a recent survey by Symantec and the National Cyber Security Alliance (NCSA), most small and medium-sized businesses participating felt they were safe from cyber threats, although just 17% of the 1,015 companies had a formal plan for cyber security.  Other contradictory items:

  • Although 77% recognized that strong cyber security was important for their brand, 59% had no plan on how to respond to a data breach.
  • Only 13% had a written Internet policy, but 62% believed that their employees knew the company’s Internet policy and practices.

 

Visit Small biz survey: No cybersecurity plans — no worries. What? for the full CNet article by Charles Cooper.

 

In a separate survey during the fall of 2011, research firm Opinion Matterspolled 200 IT decision makers working in companies of five to 250 employees.  Although almost 88% had web-monitoring/filtering software, over 40% of respondents have had a security breach due to unsafe web browsing.

 

Visit 40% of SMB have had a security breach due to unsafe Web surfingfor the full ConnectIT article by Mark Cox.

 

Both studies suggest that these businesses are not as secure as they think.