SMBs are underprepared for cyberattacks
No business is immune from cyber attack, and smaller companies are often targeted as they lack the resources to put into first class protection.
A new survey by cybersecurity company Webroot of 600 IT decision makers (ITDMs) at small- to medium-sized businesses, finds that the attacks organizations believed themselves to be most susceptible to in 2017 are rapidly shifting in 2018, while businesses still feel underprepared.
Phishing is now the number one attack that ITDMs believe their organizations are most susceptible to in 2018. Fear of phishing is up from number three last year, with new forms of malware dropping down the list to number six, behind DDoS attacks and mobile attacks. Post WannaCry, ransomware also rose from the fifth most susceptible attack to third globally -- and topped the charts in the UK.
There is a good deal of national variation. US ITDMs think their business will be most susceptible to phishing threats (56 percent), while the UK fears ransomware (44 percent) and Australia DNS attacks (52 percent).
SMBs in the UK are significantly less concerned about DDoS attacks (17 percent) than the US (52 percent) and Australia (49 percent). Australian businesses view insider threats as a bigger concern than in other regions surveyed (32 percent in Australia vs. 25 percent globally). In the US ITDMs are more concerned about new forms of malware infections (37 percent) than the UK (32 percent) or Australia (34 percent).
Compared to last year, SMBs feeling 'very confident' their business is 'completely ready to manage IT security and protect against threats' has dropped from 48 percent to 21 percent globally.
Businesses in the US (54 percent) are more likely to offer continuous training to employees than those in the UK (31 percent) or Australia (32 percent). UK businesses (26 percent) are more likely to only conduct security training after a data breach takes place compared to those in the US (nine percent) or Australia (19 percent).
"As our study shows, the rise of new attacks is leaving SMBs feeling unprepared," says Charlie Tomeo, vice president of worldwide business sales at Webroot. "One of the most effective strategies to keep your company safe is with a layered cybersecurity strategy that can secure users and their devices at every stage of an attack, across every possible attack vector. And for many businesses, relying on a managed service provider (MSP) when time and expertise aren't readily available is a crucial step to strengthen their security efforts."
You can find out more about the results on the webroot site.