Small businesses are not taking security seriously.
According to a survey by Symantec many businesses are aware of common threats but significant numbers of them have measures to tackle security breaches. Of those surveyed, 25 per cent of respondents in the UK admitted that a recent security breach resulted in a loss of business while 13 per cent claimed that they had suffered a monetary loss too.
Respondents also admitted that they were unfamiliar with phrases such as minnowing (67 per cent) and whaling (65 per cent), while a policy of responsibility for protecting the company was also uncertain with 43 per cent thinking that it was the duty of the IT manager and 34 per cent believing it was the down to the managing director.
John Brigden, senior vice president at Symantec, said: “Symantec is naturally pleased that small businesses are aware of the threats posed in the modern computing era, but the results show that all too rarely do businesses proactively deploy the correct infrastructure to cope with the changing threat landscape. Antivirus software and firewalls are vital foundations but, alone, aren't enough to protect a business properly. Without comprehensive protection, small businesses can find themselves at significant risk.
“With system downtime and loss of information being among the biggest threats to a business's brand, customer loyalty and ultimately revenue generation, it is imperative that small businesses realise that simple and cost effective IT security can ensure they withstand even the most determined attempt to breach a company's security.”
When questioned about the risks posed by modern IT systems and infrastructure, it was security with wireless infrastructure that kept IT managers most awake at night, with 72 per cent admitting this was their prime cause of concern, followed by security with mobile phones (37 per cent) and security with IP Telephony (26 per cent).
Brigden said: “The reasons behind the lack of preparation were highlighted again when respondents were asked about the frequency with which they update the company's IT security. While 42 per cent do so daily, 15 percent do it weekly and six percent monthly. Thankfully, just three percent update yearly and none of the British respondents did so only when the business was attacked, as opposed to the European figure of nine percent.”