Businesses Suffer From False Sense of Cyber-Security: Symantec Report
A majority of businesses do not have Internet usage policies that clarify which Websites and services employees can use.The majority of small business owners believe Internet security is critical to their success and that their companies are safe from ever-increasing cyber-security threats even as many fail to take fundamental precautions, according to a survey of U.S. small businesses sponsored by Symantec and the National Cyber Security Alliance and conducted by Zogby International. The survey found that two-thirds (67 percent) of U.S. small businesses have become more dependent on the Internet in the last year and 66 percent are dependent on the network for their day-to-day operations. What's more, 57 percent of firms say that a loss of Internet access for 48 hours would be disruptive to their business and 38 percent said it would be "extremely disruptive," and 76 percent say that most of their employees use the Internet daily.
The vast majority of small business owners think their company is cyber-secure as 85 percent of respondents said their company is safe from hackers, viruses, malware or a cyber-security breach and seven in 10 believe Internet security is critical to their business' success. Additionally, a majority (57 percent) of small businesses believe that having a strong cyber-security and online safety posture is good for their company's brand.
When asked to rank the top concern of small business owners while their employees are on the Internet, 32 percent reported viruses, 17 percent spyware/malware and 10 percent reported loss of data. Yet only 8 percent are concerned about loss of customer information, 4 percent about loss of intellectual property and only one percent worry about loss of employee data, even though cyber-security experts believe the loss of any of this kind of information would be devastating to a business. Overall, cyber-vulnerabilities and threats are steadily on the rise, according to the "Symantec Internet Security Threat Report, Trends for 2010," the latest version of the company's annual cyber-security study. For example, the report found a 9 percent increase in Web-based attacks. Smartphones and other mobile devices are also poised to play a large role with a sharp 42 percent rise last year in the number of reported security vulnerabilities, according to Symantec's 2010 report. In addition to struggling with the basics, many small businesses are failing to keep up with the increasing adoption of mobile and social media platforms. Just 37 percent of U.S. small businesses have an employee policy or guidelines in place for remote use of company information on mobile devices and just over one in three (36 percent) maintains a policy for employees' use of social media. Experts say that strong password protections, protecting USB devices and wireless networks matter to a firm's security posture. Yet, a majority of firms (59 percent) do not use multifactor authentication (more than a password and log-on) to access any of their networks. Only half reported they completely wipe data off their machines before they dispose of them, and 21 percent never do.