Small firms mistakenly believe that they are immune from attack
Small firms naïve about security
/v3-uk/news/1968117/small-firms-na-ve-security
23 Jul 2008, Shaun Nichols , V3
Small and medium sized businesses (SMBs) have developed a false sense of security and remain naïve about the threats, according to McAfee.
The security firm issued a new report which examined the attitudes of SMBs regarding security.
Nearly a third of the companies surveyed had been attacked four or more times in the past three years. A quarter of those attacks took the company more than a week to recover.
However, the companies surveyed by and large believe that they are not prime targets for attack.
Some 52 per cent said that their company was too small to be noticed by criminals, while 46 per cent did not believe that their company could make a cyber-criminal any money.
"Just because a business is small does not mean that it is immune to security threats," said Darrell Rodenbaugh, senior vice president of the mid-market segment at McAfee.
"For businesses of all sizes, viruses, hacker intrusions, spyware and spam can lead to lost or stolen data, computer downtime, decreased productivity, compliance issues, lost sales and even loss of reputation."
Time is also a major liability, according to McAfee. The study found that 42 per cent of SMBs have an hour or less to spend on security management, while 43 per cent run with the default settings on all IT equipment.
"Time constraints are definitely a contributory factor to SMB security," said Rodenbaugh.
"In focus groups, SMBs have told us that they do not have enough time and they would rather not do anything rather than give it to someone else to do."
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Do you agree?
Hello, potential customer, you naive fool.
Small companies need to have their IT people focus on their main business. Security companies push this and tell customers, "buy our software. It'll protect you." Hopefully, a security company's SW will let the IT people focus on other activiies. SMB's will always be attacked as well, because there are so many of them. Nonetheless, larger companies have a larger potential payoff for hackers.
Posted by Craig Kensek, 23 Jul 2008
SMBs - You too are at risk too
Apart from cybercriminals, companies needlessly put themselves at risk because they underestimate the threat posed to their network?s security by endpoint devices like USB sticks, flash drives, iPods and PDAs. The uncontrolled use of portable storage devices by employees is a very real threat to the security and stability of any business. Unfortunately, many businesses are unaware of or ignore the threat until something actually happens.
Insider threats are growing and companies need to be more aware of this threat because the repercussions can be enormous. Security companies have long been warning about the dangers of endpoint devices but recent breaches show that businesses have not learnt the lesson and they are increasingly putting themselves at risk by giving out such devices to employees and encouraging their use.
What administrators must also realize is that managing risk is always more cost effective than having to react to breaches or incidents. In an ever-growing networked environment where risk is becoming a major concern, administrators have to be ahead of threats and not passively reacting to incidents. Apart from immediate financial repercussions such as business loss, there is the enduring stain of embarrassment and loss of credibility.
Posted by vineet, 26 Jul 2008