Small businesses under-prepared for cyber security
Although there has been heavy media coverage of information security issues in the past year, more than half of Britain's small businesses say that they aren't taking any preventative measures to protect themselves against cybercrime.
According to a survey by identity protection specialist CSID 52 percent of UK small businesses aren't guarding against cybercrime and a large majority (85.3 percent) don't have any plans to increase their budgets for security implementation, and less than 13 percent are working with a third party vendor to protect themselves. When asked about their concerns in the event of a data breach, 53 percent of respondents were worried their reputation would be damaged. Yet despite these fears only 47 percent of respondents are monitoring what is written about their brands online, and less than 15 percent have a social media policy in place. Only nine percent were worried about the negative impact on employees.
"While monitoring what is written about your business online is a good practice, we’re surprised by the lack of employee education and social media policies in place," says Andy Thomas, managing director of CSID in Europe. "It seems that time and again businesses misjudge the element of staff related security breaches which appear to be increasing every year. Yes, there will always be threats from malware, phishing and DOS, but never underestimate the human factor".
When asked about their concerns, most respondents cited the threat of undetected malware, 33 percent stated phishing attacks, and the least concerning threat was BYOD with only 2 percent of answers.
In the event of a breach, the CSID survey finds that 63 percent of small businesses would most likely turn to their insurer, bank, lawyer or IT supplier for assistance; the police being the least likely first point of call. Yet despite this 68 percent of respondents say that their IT service provider hasn't provided them with any information regarding data breaches and 68.6 percent confess to not having a disaster recovery or business continuity plan in place.
More information about how small businesses can protect themselves is available on the CSID website.
Image Credit: Manczurov / Shutterstock