The theft or loss of IT assets such as laptops and servers that store critical information would create a panic for most business owners, because of the risk of losing confidential data and damage to their reputation.
But not for Mark, the owner of a small marketing firm. Mark’s employees work from different locations and travel to multiple countries for client meetings, increasing the risk of laptops or mobile phones getting stolen.
Mark’s not panicking, though, because he uses IT management tools to update software solutions on business systems used by his employees and to remotely troubleshoot software applications or wipe data from lost systems.
Cyberattacks on small businesses are increasing. And security risks are compounded by the fact that networks keep growing, with new devices and higher volumes of data added every day.
To address the higher risk, small businesses must increase their IT security budgets. But the IT department finds itself competing for budget with HR, marketing, and sales teams. In fact, 45 percent of cybersecurity professionals cite lack of budget as an obstacle to improving cybersecurity.
Small business IT managers buy and implement expensive security technologies hoping to keep themselves safe from cyberattacks.
But they’re missing one crucial thing: Employees are the weakest link in their cybersecurity strategy.
Ninety percent of successful cyberattacks are executed with information stolen from unsuspecting employees. Twenty-eight percent of cyberattacks involve an insider. In fact, one out of every five security breaches is the result of human error.
Security concerns rank No. 2 among the challenges faced by small and midsize businesses, according to our survey.1
Seventy percent of cyberattacks target small businesses, which, on an average, lose around $80,000 per attack, not to mention the lost business opportunities and damaged reputation.
To safeguard your business from hackers and harmful bots, you must have multiple defense mechanisms to ward off attackers from different fronts.
The key challenge for small business owners is tackling cybersecurity with limited budgets and IT expertise, while juggling other pressing business and customer issues that take up the bulk of their time and resources.
Eighty-six percent of small businesses do not have effective means to mitigate cyber risks. For most, the only precaution in place is antivirus software, despite the fact that 43 percent of cyberattacks target small businesses.
According to Symantec, 35 percent of users have at least one unprotected device—and that figure is expected to increase as more devices are connected to the network with the rapid growth of the internet of things (IoT).
Choosing between endpoint security and antivirus software for protection depends on many factors: the size of your network, the presence of remote workers, business policies such as BYOD (bring your own device), the need for centralized security controls, and the security features you require.
Small businesses that make the wrong choice of security investment—endpoint security versus antivirus software—are leaving themselves open to multiple security risks or will end up wasting a good part of their security budget, or both.