Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

11/16/2011
01:09 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symantec Survey: SMBs Don't Think They're A Target And Aren't Taking Action

More than half of SMBs are familiar with many different security threats to the business, according to 2011 SMB Threat Awareness Poll

Symantec Corp. (Nasdaq: SYMC) today announced the findings of its 2011 SMB Threat Awareness Poll, which revealed that while awareness is high, SMBs don't consider themselves targets of cyberattacks. As a result, they are not implementing the proper safeguards to protect their information. The SMB Threat Awareness Poll examined the awareness levels of small and medium sized businesses (SMBs) regarding the dangers of security threats, and how well they are prepared to defend against them.

"Our research shows that SMBs are quite vulnerable to cyberattacks, and it's more important than ever for them to take steps to keep their information safe," said Steve Cullen, senior vice president of Worldwide Marketing for SMB and .Cloud for Symantec Corp. "Even with tight budgets and limited resources, simple changes such as education and best practices can significantly strengthen an SMB's security approach to cyberattacks."

Click to Tweet: Symantec Survey reveals half of SMBs don't think they are a target for cyberattacks: http://bit.ly/tXeVnT

Survey Highlights

. SMBs are familiar with security threats The survey shows that more than half of SMBs are familiar with many different security threats to the business, including targeted attacks, keystroke logging, and the risks that come with using smartphones for company business. More than half (54 percent) stated that malware would cause a loss of productivity, and 36 percent recognized that hackers could gain access to proprietary information. In addition, respondents said a targeted attack would impact the business. Forty-six percent stated that a targeted attack would cause a revenue loss and 20 percent said it would drive customers away.

. SMBs don't see themselves as targets Surprisingly, although SMBs know the dangers of cyberattacks, they don't feel they are at risk. In fact, half of SMBs think that because they are a small company, they aren't in danger - it's primarily large enterprises that have to worry about attacks. This is in direct contrast to the evidence. According to data from Symantec.cloud, since the beginning of 2010, 40 percent of all targeted attacks have been directed at companies with fewer than 500 employees, compared to only 28 percent directed at large enterprises.

. SMBs not taking action Because SMBs don't see themselves as targets, many of them are failing to take basic precautions to protect their information. While two-thirds restrict who has login information, a shocking 63 percent don't secure machines used for online banking and 9 percent don't take any additional precautions for online banking. More than half (61 percent) don't use antivirus on all desktops, and 47 percent don't use security on mail servers/services. Recommendations In order to keep sensitive corporate information safe, there are several simple practices SMBs can follow to protect against cyberattacks.

. Educate employees: Develop Internet security guidelines and educate employees about Internet safety, security and the latest threats. Part of the training should focus on the importance of regularly changing passwords and protecting mobile devices.

. Assess your security status: SMBs are facing increased risks to their confidential information, so safeguarding data is critical. One data breach could mean financial ruin for an SMB. Know what you need to protect. It's important to understand your risks and security gaps so that you can take steps to protect your information.

. Take action: Be proactive and develop a security plan. Consider items such as password policies, endpoint protection, the security of email and Web assets, and encryption. You should also evaluate whether on-premise or a hosted service would best suit the needs of your organization.

Symantec's 2011 SMB Threat Awareness Poll Applied Research fielded this survey by telephone in September 2011. They spoke with 1,900 organizations worldwide. Of the organizations surveyed, 25 percent came from businesses with 5 to 49 employees, 25 percent came from businesses with 50 to 99 employees, 25 percent came from businesses with 100 to 249 employees, and 25 percent came from businesses with 250 to 499 employees. In all cases they spoke to the person who managed their computing resources.

Resources . Report: SMB Threat Awareness Poll Global Results 2011 . SlideShare: SMB Threat Awareness Poll Global Results 2011

Connect with Symantec . Follow Symantec on Twitter . Join Symantec on Facebook . Subscribe to Symantec News RSS Feed . View Symantec's SlideShare Channel . Visit Symantec Connect Business Community

About Symantec Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20620
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20621
PUBLISHED: 2021-01-28
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2021-20622
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2020-5626
PUBLISHED: 2021-01-28
Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.
CVE-2021-3142
PUBLISHED: 2021-01-28
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 instead of this candidate. All references and descriptions in this candidate have been removed to preve...