SMBs in the U.S. are soft on cybersecurity

According to an October survey co-sponsored by the National Cyber Security Alliance, 59 percent of all SMBs polled do not have a backup plan in place in case of a data breach.

Just because a business is not a large firm does not mean that hackers will not target them, as some of the costliest data breaches can happen to small and medium-sized businesses. However, it seems that SMBs in the United States are paying more attention to the flashy headlines about cybersecurity lapses at major corporations than their own layered security measures.

According to an October survey co-sponsored by the National Cyber Security Alliance (NCSA), 59 percent of all SMBs polled do not have a backup plan in place in case of a data breach even though a Ponemon Institute study from earlier this year found a data breach will cost a company about $750,000 at minimum. In addition, the NCSA report found that 66 percent of SMBs are not concerned about an external or internal cybersecurity lapse.

In addition, the survey’s results indicated that 87 percent of SMBs do not have a formal internet security policy and 69 percent said they do not even have an informal policy. On top it all, 70 percent of organizations said they have no social media usage policy with its employees even though such websites can expose businesses to phishing scams and other types of cyberattacks.

“We want U.S. small businesses to understand they cannot completely remain safe from cyber threats if they do not take the necessary precautions,” NCSA executive director Michael Kaiser said in a statement. “A data breach or hacking incident can really harm SMBs and unfortunately lead to a lack of trust from consumers, partners and suppliers. Small businesses must make plans to protect their businesses from cyber threats and help employees stay safe online.”

Although many SMBs expressed confidence in their cybersecurity practices, many of them are not practicing as much diligence as they could. More than 80 percent said they are satisfied with the amount of data security they provide and think they are investing enough resources into cybersecurity.

Why do you think many SMBs haven’t implemented cybersecurity policies? Leave your comments below to let us know what you think about this study’s findings!

Scott Cornell

When he’s not knee deep in blogging and all things tech, Scott spends his free time playing ultimate Frisbee and watching foreign films. An expert in emerging tech trends, Scott always has his ear to ground for breaking news related to IT security.