Small and Mid-sized Businesses exposed to the growing wave of Internet security threats

(19/10/2007)

SMBs make up the overwhelming majority of the world’s business landscape, totaling more than 99.5 percent of all businesses in each country surveyed and representing more than 50 percent of the Gross Domestic Product (GDP) in each country.

According to Webroot Software's latest report, “State of Internet Security: Protecting Small and Medium Businesses”, SMBs worldwide are very exposed to Internet security threats.

In conjunction with the report, Webroot has released a handbook for SMBs, “A Guide to Security for Small & Medium Business” that provides tips and best practices for protecting technology infrastructure and sensitive customer data from malware and cyber criminals.

“Unlike larger corporations, SMBs often lack the monetary resources and IT expertise to install and maintain the type of protection needed in the face of today’s growing malware threats. The real dichotomy here is that most of these companies think the real threats are viruses and worms, but the reality is the percentage of spyware is much higher and growing quickly,” said Peter Watkins, CEO, Webroot Software. “As a result, these companies are easier targets for cyber criminals when compared to larger companies with dedicated IT security resources.”

Because of the sheer number of SMBs worldwide, they are easy for criminals to find and have several consistent internal attributes that heighten their Internet security risk including:
· Pervasive Internet use. Seventy-seven percent of SMBs said their success depends on the Internet.
· Home-based and remote workers. Up to 52 percent of new businesses are home-based or remote.
· The need to store valuable customer and employee data due to online sales.

SMBs are increasingly connected in order to do business, but there are a number of other factors impacting their IT security including:
· Lack of in-house security expertise.
· Limited budget and resource constraints.
· A constant struggle to keep pace with a growing mobile workforce.
· Absence of policies managing personal use of work computers.
· Increasing volume of sensitive customer and employee data.
· A rapidly evolving threat landscape.

“We’re seeing a perfect storm developing that could possibly have serious economic impact. SMBs are heavily reliant on the Internet for their work, making them a target. Compounding matters, there has been a 183 percent increase in websites harboring spyware since January 2007, and SMBs aren’t defending themselves adequately,” added Watkins. “Given that these companies are the lifeblood of the world’s leading economies in both revenue generation and employment, we have a situation that could expose both businesses and customers to a very real, significant and growing threat on a global basis.”

Report Highlights:

§ Low Awareness and Misperception of Real Problem. In all six countries surveyed, SMBs reported viruses and worms as more of a threat than spyware, yet last year spyware threats increased while viruses were on the decline.

§ High Virus Infection Rates Despite Protection. Approximately 96 percent of respondents reported that they have an antivirus solution installed, but more than 60 percent of respondents in Canada, France and the U.S. still reported a virus infection in the past year, which reflects the need for broader protection due to the increasingly complex nature of malware threats, and the need for someone to help manage the solution.

§ Lack of Policies for Perceived Threats. To the extent that SMBs view employee errors and data theft as serious threats, 40 to 60 percent lack a policy to restrict or monitor employees’ personal use of work computers.

§ Limited or No IT Staff. Approximately 40 percent of SMBs in Japan reported having no IT department at all, while three-fourths of SMBs surveyed have fewer than ten people in IT. The lack of in-house security expertise helps explain why 61 percent of SMBs have never sought information about how to properly protect customer and employee data.

Related topics:  Computer and PC Security   Hacking and intrusion prevention   Internet and Web security   Network Security   Security threats and vulnerabilities   Virus, Worm, Email security, spyware and malware   VPN 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources