6 Signs SMBs Are Still Getting The Hang Of Data Breach Threats4:00 PM EST Thu. Nov. 29, 2012
A recent survey by Faronics and the Ponemon Institute suggests that many small to medium-sized businesses still fail to grasp the repercussions resulting from data breaches. Furthermore, in an era of increased budget sensitivity, these misconceptions are causing flawed decisions around security and overall cyber readiness. Here are a few interesting nuggets from the U.S. portion of Faronics and Ponemon's State of Cyber Readiness Survey.
According to the survey, only 9 percent of the respondents admit security is not taken seriously because their organization is not perceived as being vulnerable to attacks. Anecdotal evidence from channel partners indicates that enough SMBs are getting hit with attacks to convince them that security is important, even if they aren't vertical markets that are not considered especially inviting to hackers.
The survey asked respondents to identify which areas of risk they consider to threaten their businesses at the highest levels. For many, the answer is focused not only in the threats they understand but also on certain things of which they might not even be aware:
* 76 percent consider check or credit card fraud to be very likely
* 69 percent say proliferation of unstructured data
* 65 percent say unsecure third parties including cloud providers
* 62 percent say not knowing where all the sensitive data is located
Proper IT security is a discipline of sorts. Since the threats are constantly evolving, security solutions must evolve along with them. This translates to additional budget requirements in an era when SMBs are trying to run lean and mean. But for many of the respondents, the issue was around resources of a more human nature:
* 64 percent cited insufficient people resources as a primary barrier to achieving effective security
* 50 percent noted lack of central accountability
* 41 percent listed lack of monitoring and enforcement of end users
When asked about the impact of data breaches, more than half of the respondents cited the loss of time and productivity most frequently. The second most frequent response involved damage to the company's brand. According to the findings among companies that experienced a data breach, the survey found the following:
* 42 percent of U.S. respondents stated they lost customers and business partners
* 41 percent of U.S. respondents experienced an increase in the cost of new customer acquisition
* 35 percent of U.S. respondents suffered a loss of reputation
The survey suggests that IT managers aim at simplicity and the bottom line in making their security purchasing decisions. The findings say 73 percent of the respondents seek products and solutions that enable easy deployment. Meanwhile, 65 percent listed low purchase cost as a primary influencer over the 60 percent who listed ease of ongoing operations and half who listed low TCO.
Among the data protection solutions most frequently purchased by the respondents, 65 percent are primarily focused on firewalls and other perimeter security technologies. Thirty-six percent turn to blacklisting and/or whitelisting tools in order to either identify content with known vulnerabilities or limit access to specific content known to be clean. Meanwhile, a significant portion of IT teams also rely on the enforcement of strict data policies, as was cited by one-third of the respondents.