News Column

Cyber Security Low Priority for Small Businesses: Survey

Oct. 18, 2012

Staff --

Latina with computer and credit card

U.S. small-business owners aren't concerned about cyber security, and a majority of them have no policies or contingency plans for dealing with a cyber security breach, a new survey indicates.

More than three-quarters of small- and medium-sized businesses (SMBs) consider themselves safe from hackers, viruses and malware, while four-fifths have no formal cyber security plan for dealing with threats, according to a survey by the National Cyber Security Alliance (NCSA) and Symantec.

"We want U.S. small businesses to understand they cannot completely remain safe from cyber threats if they do not take the necessary precautions," said Michael Kaiser, executive director of the NCSA. "A data breach or hacking incident can really harm SMBs and unfortunately lead to a lack of trust from consumers, partners and suppliers. Small businesses must make plans to protect their businesses from cyber threats and help employees stay safe online."

The findings from a survey of 1,015 SMBs turned up some revealing disparities. While about three-quarters of SMBs believe cyber security is critical to their success and protecting their brand, six out of 10 respondents don't have a plan for handling data breach losses, and two out of three are unconcerned about potential threats from hackers or disgruntled employees -- current or otherwise.

Internet security policies are lax or lacking entirely, according to the survey. Most SMBs have no formal written Internet security policy for employees -- and nearly seven in 10 lack even an informal one. Despite that, 86 percent of SMBs are satisfied with the security of their and their customers' data.

However, more than 90 percent of payment data breaches reported to Visa Inc. come from SMBs, according to the report.

"It's terrifying that the majority of U.S. small businesses believe their information is protected, yet so many do not have the required policies or protection in place to remain safe," said Brian Burch, vice president of Americas Marketing for SMB at Symantec. "Almost 40 percent of the over 1 billion cyber attacks Symantec prevented in the first three months of 2012 targeted companies with less than 500 employees. And for the small, poorly protected companies that suffer an attack, it's often fatal to their business."

How to stay safe

Younger companies are savvier companies when it comes to cyber security. Enterprises launched within the past four years "are almost 20 percent more likely than older small businesses to have a written plan in place for keeping their business secure from cyber threats," according to the report.

Which means some small businesses have some catching up to do. However, any small business can improve its online safety by taking a few key precautions:

First, know what you need to protect. Be particularly aware of where information is stored and used.

Second, enforce the use of strong passwords. Insist on passwords of at least eight characters and that use numerals and symbols. They're harder to remember, yes -- and they're also a lot harder to hack.

Third, map out a plan for dealing with disaster before it happens, not after. Implement security measures, archive important data, and test the system regularly.

Other measures include encrypting confidential information; using a good security program; keeping up to date on worms, viruses and Trojan horses; and educating employees on Internet safety.

Further information on how to prevent cyber breaches is available at the Web portal for National Cyber Security Awareness Month and the STOP. THINK. CONNECT. Campaign.


JZ Analytics conducted the small business survey from Sept. 27–29, 2012. The firm surveyed 1,015 U.S. small businesses (fewer than 250 employees) across the U.S.. The margin of error is +/- 3.1 percentage points and margins of error are higher in sub-groups.

The full study and a fact sheet are available at

The National Cyber Security Alliance is a nonprofit that promotes Internet security and the protection of the digital assets that all cybercitizens share. Its board members include ADP, AT&T, Facebook, Google, Intel, McAfee, Microsoft, PayPal and Symantec.

Symantec is a global leader in security, backup and availability solutions.

SOURCE National Cyber Security Alliance

For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: (c) 2012. All rights reserved.

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters