New study exposes small business information security gaps The US Small Business Technology Institute (SBTI) and Symantec Corp. have published a new report titled ‘Small Business Information Security Readiness.’ The report confirms that small business information systems are increasingly vulnerable to attack, and urges the adoption of security technology, proactive policies and stronger vigilance to protect information assets and minimise business risk. The report findings reveal that the rate of information security exposure is growing as small businesses deploy increasingly sophisticated information technology (IT) infrastructure and automate more of their business processes. The report concludes that small businesses must take immediate steps to protect themselves from the productivity and economic losses that occur when sensitive business data is compromised as a result of viruses, hackers, privacy threats or disasters. "Small businesses represent an extremely high point of exposure for the US economy based on their significant contribution to the Gross Domestic Product (GDP) and their insufficient information security readiness," said Andrea Peiro, CEO and practice director of Market Intelligence for the Small Business Technology Institute. "This issue is of critical importance to small businesses. Any data loss or system downtime resulting from security incidents can severely affect their ability to do business. SBTI has identified a significant opportunity for small businesses to mitigate the risks and improve operational control by embracing a proactive approach to information security based on solutions designed expressly for their needs." "Small businesses are just as likely to experience information security threats and risks as large enterprises, so it's pertinent they have the right resources to protect their critical assets," said Enrique Salem, senior vice president, security products and solutions, Symantec Corp. Key findings signal escalating information security risk for small businesses: * The accelerating adoption of networking and mobile computing infrastructures is driving greater security exposure for small businesses. They can significantly minimise risk by adopting more sophisticated security measures. Small business technology adoption is growing rapidly in areas such as networking, mobile computing and Internet access, even among one-person, home-based businesses. However, many small businesses lack sufficient security controls over even basic systems such as e-mail (18 percent are not secured) and wireless networks present a new area of concern (60 percent are not secured). Most small businesses (74 percent) perform no formal information security planning to counter these threats. * Small businesses consider information security a priority, but are not increasing their investment in protection to keep pace with increasing threats. The majority of small businesses (56 percent) have experienced at least one security incident in the past year, citing computer viruses, spyware and other malware as the main cause (60 percent). Yet only a small number (30 percent) have increased spending on information security solutions and less than half (41 percent) allocate a specific budget for these solutions. * Small businesses continue to call for security solutions and product information that is tailored to meet their unique needs. The majority (70 percent) of small businesses feel information security product materials could be improved to help them make more informed purchasing decisions, and small businesses continue to call for products which meet specific small business requirements. * Small businesses demonstrate limited awareness of information security issues and poor understanding of the economic consequences of related incidents. SBTI's analysis concludes that this lack of knowledge is inhibiting the adoption of adequate information security policies and solutions. Download a complimentary copy of the report from http://www.sbtechnologyinstitute.org/mi/research/security.htm (registration required).
•Date: 21st July 2005 • Region:N.America • Type:
Article •Topic: ISM |
