Increased threats from cyber attacks, lost devices and loss of confidential or proprietary data are now being felt by small to medium-sized businesses, which cite protecting their information as their highest priority. That's the main conclusion of the 2010 Global SMB Information Protection Survey conducted by security software provider Symantec. The survey is based on responses from 2152 SMB executives and IT decision makers in 28 countries in May 2010. “Small and mid-sized organisations are facing increased risks to their confidential information – including bank account numbers, credit card information and customer and employee records. Whether it's due to a malware attack, a server crash, or a stolen mobile device, loss of information can be highly detrimental, if not fatal for an SMB,” said Bernard Laroche, senior director of product marketing at Symantec. SMBs are now spending an average of $US51,000 a year, and two-thirds of IT staff time working on information protection, including computer security, backup, recovery and archiving as well as disaster preparedness. Eighty-seven percent of SMBs have a disaster preparedness plan, but there is still work to be done, as only 23% rate their plan pretty good/excellent. Seventy-four percent of SMBs surveyed are somewhat/extremely concerned about losing electronic information. In fact, 42% have lost confidential or proprietary information in the past. All companies that have lost data have seen direct losses, such as lost revenue, or direct financial costs, such as money or goods. One of the main issues for SMBs is lost devices. Almost two-thirds of businesses polled have lost devices such as laptops, smartphones or iPads in the past 12 months. All have at least some devices that have no password protection and cannot be remotely wiped of their data to protect their confidential business information if lost. Seventy-three percent of the respondents were victims of cyber attacks in the past year. Thirty percent of those attacks were deemed somewhat/extremely successful. Effects included expensive downtime and loss of important corporate data, as well as personally identifiable information of customers or employees. These losses led to direct costs for all respondents such as lost productivity, lost revenue and loss of customer trust. In response, Symantec in Europe has launched an online benchmarking service for small businesses, designed to show them how their security efforts measure up against those of 700 peer firms. The Symantec Small Business Check-up (tinyurl.com/2fzl9an) is an online questionnaire which allows firms to check how vulnerable they are to security risks, before advising which areas may be most exposed. An announcement of a local version of this service is expected soon.