Cyber attacks are serious business in 2017, and even Fortune 100 companies aren’t immune from the threat. What’s even scarier is that only about a quarter of small businesses are prepared for a cyber security attack.
According to their recent survey on the IT risks small businesses face, Netwrix Corporation has found that 73% of small businesses do not have a separate information security function. On top of that, a full 88% don’t even have adequate preparations in place when it comes to security governance or risk management.
Simply put, the vast majority of small businesses are completely unprepared for a coordinated cyber attack, putting their business and their customer data at risk.
For their study, Netwrix polled 723 IT pros and small business owners to get their information. So considering that 60% of small business go out of business completely within six months of a cyber attack, this lack of preparedness is quite startling.
So why are these businesses lacking in security? The majority of these businesses say that their lack of budget and insufficient staff training is to blame. Some owners also explained that they didn’t have much time to spare. Considering all the other demands on a small business owner’s time, a potential cuber security threat wasn’t deemed as important to them as other matters of business.
On top of that, an overwhelming majority of these businesses don’t seem to understand much about emerging trends in the digital world such as cloud computing or corporate mobile devices. For example, 33% of business owners don’t understand where their data is going when it is being stored on a cloud hosting platform. In addition, only a quarter of these business owners have complete visibility to where their data is stored and when. So what this means is that there are thousands of small businesses who send their secure information out to the Internet, and have no concern over what is happening to it.
Interestingly enough, a huge majority of these business owners don’t believe hackers are a threat to their systems at all. Instead, they believe that their biggest problem could stem from employees who have access to their internal server, whether their actions had malicious intent or not. Only one-fourth believe hackers are the biggest threat of all.