Webroot unveiled its latest report – “State of Internet Security: Protecting Small and Medium Businesses” which highlights startling survey results surrounding Internet security threats among SMEs worldwide.
Consistent around the world, SMEs make up the overwhelming majority of the world’s business landscape, totaling more than 99.5 percent of all businesses in each country surveyed and representing more than 50 percent of the GDP in each country. Because of the sheer number of SMEs worldwide, they are easy for criminals to find and have several consistent internal attributes that heighten their Internet security risk including:
- Pervasive Internet use. Seventy-seven percent of SMEs said their success depends on the Internet.
- Home-based and remote workers. Up to 52 percent of new businesses are home-based or remote.
- The need to store valuable customer and employee data due to online sales.
According to the report released by Webroot, SMEs are increasingly connected in order to do business, but there are a number of other factors impacting their IT security including:
- Lack of in-house security expertise.
- Limited budget and resource constraints.
- A constant struggle to keep pace with a growing mobile workforce.
- Absence of policies managing personal use of work computers.
- Increasing volume of sensitive customer and employee data.
- A rapidly evolving threat landscape.
- Low Awareness and Misperception of Real Problem. In all six countries surveyed, SMEs reported viruses and worms as more of a threat than spyware, yet last year spyware threats increased 254 percent while viruses were on the decline.
- High Virus Infection Rates Despite Protection. Approximately 96 percent of respondents reported that they have an antivirus solution installed, but more than 60 percent of respondents in Canada, France and the U.S. still reported a virus infection in the past year, which reflects the need for broader protection due to the increasingly complex nature of malware threats, and the need for someone to help manage the solution.
- Lack of Policies for Perceived Threats. To the extent that SMEs view employee errors and data theft as serious threats, 40 to 60 percent lack a policy to restrict or monitor employees’ personal use of work computers.
- Limited or No IT Staff. Approximately 40 percent of SMEs in Japan reported having no IT department at all, while three-fourths of SMEs surveyed have fewer than ten people in IT. The lack of in-house security expertise helps explain why 61 percent of SMEs have never sought information about how to properly protect customer and employee data.
The State of Internet Security report is issued quarterly as an in-depth review and analysis of the most pressing computer and data security-related concerns. Each report focuses on a specific aspect of information security, and provides industry data, trends and best practices in light of the threat landscape.
The complete report is available here.