A recent study by the Ponemon Institute found that SMBs are not taking IT security seriously. The study involved 2,000 small to midsize businesses from around the world. The majority of respondents, 58 percent, said that senior management didn’t identify their organization as being at risk of cyberattacks.
Respondents also said that those in higher level positions “lacked certainty” about specific IT threats to the organization—meaning the less involved the managers were with IT security, the less seriousness they put upon such threats to the organization.
The report identified the top three significant issues that prevent SMBs from adopting a strong security stance as:
- Failure to prioritize security (44 percent)
- Insufficient budget (42 percent)
- Lack of in-house expertise (33 percent)
According to Larry Ponemon, president of Ponemon Institute:
Small and mid-size organizations simply cannot afford to disregard security. Without it, there’s more chance that new technology will face cyberattacks, which is likely to cost the business substantial amounts. CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security. The industry needs to recognize the potential dangers of not taking cybersecurity seriously and create support systems to improve SMB security postures.