Story image

SMBs need help to better understand cyber attack threats

22 Nov 13

Many SMBs are potentially putting their organisations at risk because of uncertainty about the state of their security and threats faced from cyber attacks.

According to the Risk of an Uncertain Security Strategy study, senior management is failing to prioritise cyber security, which is preventing them from establishing a strong IT security posture.

Of 2,000 respondents surveyed globally, 58 percent confirmed that management does not see cyber attacks as a significant risk to their business.

Despite this, IT infrastructure and asset security incidences, as well as wider security related disruptions, were found to have cost these SMBs a combined average of $1,608,111 over the past 12 months.

The research, sponsored by Sophos, also identified that the more senior the position of the decision maker in the business, the more uncertainty there was surrounding the seriousness of the potential threat.

“The scale of cyber attack threats is growing every single day,” says Gerhard Eschelbeck, Chief Technology Officer, Sophos.

"Yet this research shows that many SMBs are failing to appreciate the dangers and potential losses they face from not adopting a suitably robust IT security posture.”

According to the research, there are three main challenges preventing the adoption of a strong security posture:

• Failure to prioritise security (44 percent)

• Insufficient budget (42 percent)

• A lack of in-house expertise (33 percent)

In many SMBs there is also no clear owner responsible for cyber security, which often means it falls into the purview of the CIO.

“Today in SMBs, the CIO is often the “only information officer”, managing multiple and increasingly complex responsibilities within the business,” Eschelbeck adds.

“However, these “OIOs” can’t do everything on their own and as employees are demanding access to critical apps, systems and documents from a diverse range of mobile devices, it would appear security is often taking a back seat.”

The study also reveals uncertainty around whether ‘Bring Your Own Device’ policies (BYOD) and the use of the cloud are likely to contribute to the possibility of cyber attacks.

Seventy-seven percent of respondents said the use of cloud applications and IT infrastructure services will increase or stay the same over the next year, yet a quarter of those surveyed indicated they did not know if this was likely to impact security.

Similarly, 69 percent said that mobile access to business critical applications would increase in the next year, despite the fact that half believe this will diminish security postures.

“Small and midsize organisations simply cannot afford to disregard security,” adds Larry Ponemon, president of the Ponemon Institute.

“Without it there’s more chance that new technology will face cyber attacks, which is likely to cost the business substantial amounts.

"CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security.

"The industry needs to recognise the potential dangers of not taking cyber security seriously and create support systems to improve SMB security postures.”

Report finds GCSB in compliance with NZ rights
The Inspector-General has given the GCSB its compliance tick of approval for the fourth year in a row.
Preparing for e-invoicing requirements
The New Zealand and Australian governments are working on a joint approach to create trans-Tasman standards to e-invoicing that’ll make it easier for businesses in both countries work with each other and across the globe
5c more per share: Trade Me bidding war heats up
Another bidder has entered the bidding arena as the potential sale of Trade Me kicks up a notch.
Hootsuite's five social trends marketers should take note of
These trends should keep marketers, customer experience leaders, social media professionals and executives awake at night.
Company-X celebrates ranking on Deloitte's Fast 500 Asia Pacific
Hamilton-based software firm Company-X has landed a spot on Deloitte Technology’s Fast 500 Asia Pacific 2018 ranking - for the second year in a row.
Entrepreneur reactivates business engagement in AU Super funds
10 million workers leave it up to employers to choose their Super fund for them – and the majority of employers are just as passive and unengaged at putting that fund to work.
Tether: The Kiwi startup fighting back against cold, damp homes
“Mould and mildew are the new asbestos. But unlike asbestos, detecting the presence – or conditions that encourage growth – of mould and mildew is nearly impossible."
Capitalising on exponential IT
"Exponential IT must be a way of life, not just an endpoint."