According to a new survey from Cisco, security teams at small businesses as equally as good at defending their organizations from cyber threats as the teams at bigger organizations. SMBs face the same challenges as large companies do when it comes to security. Typically, they have fewer people and a smaller budget to combats these threats.
In the survey, Cisco presents 10 myths surrounding security in a small business. A few myths to highlight include:
Myth: Larger businesses suffer less downtime and recover faster from an attack. While some argue that when a SMB falls victim to a cyberattack that it does not have the resources to rebound as quickly as a large organization. According to Cisco’s research, there is very little difference in the amount of downtime suffered by SMBs and larger organizations.
Myth: SMBs lack personnel dedicated to security. There is an assumption that smaller organizations do not have dedicated resources to cybersecurity. However, less than 1% of SMBs reported they didn’t have at least one person dedicated to security.
Myth: SMBs face different threats than larger businesses. Ransomware does not discriminate by company size, and cybercriminals are attacking all sized businesses. For both SMBs and large enterprises, ransomware is the #1 most likely threat to cause more than 24 hours of downtime.
Myth: SMBs don’t proactively perform cyber threat testing. This is false. 72% of smaller organizations have employees regularly test cybersecurity threats compared to 76% of larger organizations. While the amount of resources affects the level of maturity of these tests, SMBs value and embrace a proactive approach towards cybersecurity.
Myth: SMBs don’t test their incident response plans. Only 1% of SMBs have never tested their cybersecurity response plan if faced with an attack. 45% test once every 6 months, compared to 49% at larger organizations. The results are very similar when looking at the percentage of teams that test once a year, once every 2 years, rarely, and never when comparing any sized business.
Myth: SMBs can’t measure the efficiency of their security programs. The assumption is that small businesses don’t have the processes in place to measure the effectiveness of their security systems. However, 86% of SMBs say they have clear metrics and 90% of large enterprises agreed.
SMBs are taking cybersecurity as seriously as any large-sized organization. Make sure your organization is doing the same. Let Blue Star get you protected today.