SMBs are ahead of the game on security
It’s a generally held view that smaller businesses are more vulnerable to cyber threats than larger ones but a new report from Cisco Security suggests this may not actually be the case.
In its 2020 SMB Cybersecurity Report the company reveals that SMBs are maturing and mirroring larger organizations' approaches to a variety of security issues, including data breach disclosure, customer data inquiries, threat hunting and more.
Among the finding are that 59 percent of SMBs voluntarily disclosed their most significant data breach last year (compared to 62 percent of larger businesses). Also 90 percent of IT decision makers within SMBs now say they are familiar with their data privacy program, compared to 91 percent in larger companies.
It's often claimed that SMBs don't have dedicated employees for cybersecurity. In fact the report shows less than one percent of SMBs say that they didn't have anyone dedicated to security. SMBs are actively threat hunting too -- not only do 72 percent of SMBs have organized employees dedicated to threat hunting, this is close to the percentage of large organizations who have a threat hunting department.
Wolfgang Goerlich, advisory CISO at Cisco Security writes on the company's blog, "The security industry has often been unjustly harsh towards small and medium businesses when it comes to recognizing how well you prioritize cybersecurity. This report -- based on a survey of almost 500 SMBs (defined here as organizations with 250-499 employees) -- reveals that not only do you take security very seriously, but that your innovative and entrepreneurial approach to security is also paying dividends."
The report sets out to bust 10 myths about SMB cybersecurity, including that they don't take security seriously, that they face different threats and that they don't test their incident response plans.
You can read more and get the full report over on the Cisco blog.