10 Mind-Blowing Facts on the State of Information Security for Small Business in 2015

Information security (IS) should be a key priority at organizations of any size. Gartner reports the average company dedicates just five percent of its budget to protecting customer data.

The staggering costs of a cybercrime attack can be particularly devastating to small and mid-sized businesses (SMB). Gain insight into the state of cybercrime and what SMB need to know to protect themselves.

1. Attacks Are Increasing

Despite companies’ increased efforts to protect themselves against crime, the rate of incidents continues to grow. The annual compounded growth rate of cybercrime is 66 percent.

2. Most Companies Are Unprepared

The average business doesn’t feel prepared for the current IS climate. In fact, 56 percent doubt they would even be able to detect a sophisticated attack.

3. Vendors Are Ignored

Many SMBs fail to realize that vendor security issues can lead to risks. Perhaps more concerning, 33 percent are not sure if they have a security agreement in place with their vendors.

4. Your Employees Are a Risk

Data breaches can occur due to cybercriminals, but the vast majority of security incidents are caused by employees. In many cases, this is due to a lack of knowledge on security best practices.

5. Companies Are Spending More

Sixty-two percent of companies of all sizes are choosing to proactively protect themselves against risks by spending more of their IT budgets on security, which can include bringing on professional help by working with a professional IT services provider.

6. Attacks Are Very Expensive

The average security attack worldwide costs $3.5 million dollars, which can cover the costs associated with fines, fees, notifying customers, and related charges. Each lost or stolen customer identity comes to around $145.

7. Companies Aren’t Testing Enough

Forty-nine percent of companies fail to complete “fire drills” to determine just how effective their data recovery practices, encryption, and other components of information security really are.

8. Mobile Is Risky

The rising adoption of smartphones and tablets doesn’t mean it’s safe. Mobile device management and Mobile vulnerabilities are currently considered the single-biggest security risk, especially since employees may take these mobile devices off site or connect to unsecured wireless networks.

9. Policies Matter

Despite the importance of educating employees, only 76 percent of brands have password policies developed and company-wide procedures in place.

10. IT Is Concerned

Eighty percent of IT professionals believe their organizations need to be working harder to defend against cybercrime. In many cases, these professionals are limited by budget and company culture.

Taking steps to protect your customers’ data could be the best IT investment you make this year. In an era of increased cybercrime, employee education, security technologies, and increased vigilance aren’t just important. They’re necessary.

Get in touch with your local San Francisco Bay Area Managed Services Provider to get started on your strategic information security roadmap today!

Comments are closed.


San Francisco Office
315 Montgomery St., 9th Fl
San Francisco, CA 94104

P 415-759-8500

Concord Office
1800 Sutter St., Ste 680
Concord, CA 94520

P 925-459-8500