The BCI

Small to medium sized businesses not prepared for a cyber attack

News   •   Dec 10, 2015 16:38 GMT

Are small to medium sized businesses (SMBs) prepared for a cyber attack? Not according to a new study by Webroot which indicated that just 37% of IT decision makers surveyed in the US, the UK and Australia believe their organizations to be completely ready to manage IT security and protect against threats. Furthermore, many believe they lack the resources needed to protect themselves against malware attacks.

Are organizations completely ready to stop cyber attacks? highlighted that within the majority of SMBs, IT teams are expected to handle all cyber security management and concerns, with IT employees at nearly a third of companies (32%) having to juggle security along with other IT responsibilities. This leaves employees stretched thin and unable to devote the necessary time to many critical cyber security tasks.

"SMBs play a pivotal role in helping drive the economies of all the countries polled, but past experiences have taught them they face an uphill battle when it comes to cyber security," said George Anderson, director of product marketing at Webroot.

Defending a company from cyber attacks is inherently challenging, and made even more so by budgetary constraints. The vast majority of SMBs do not have security budgets remotely comparable to those of large (and previously breached) organizations such as J.P. Morgan, Target and Anthem. In fact, according to the study, nearly 60% of respondents think their business is more prone to cyber attacks because they have too few resources for maintaining their defences.

It is important that all organizations have plans in place to deal with a potential cyber attack as the latest Horizon Scan Report published by the Business Continuity Institute revealed that they are the number one threat according to business continuity professionals, with 82% of respondents to a survey expressing concern at the prospect of one occurring.

IT decision makers can point to specific areas in which they feel underprepared. According to the survey, almost half (48%) think their company is vulnerable to insider threats, such as employees. Following that, 45% believe they are unprepared for unsecured internal and external networks, such as public wifi, and 40% for unsecured endpoints, such as computers and mobile devices.