Symantec’s 2011 SMB Threat Awareness Poll examines the awareness levels of small and medium sized businesses (SMBs) regarding the dangers of security threats, and how well they are prepared to defend against them. The survey revealed that while awareness is high, SMBs don’t consider themselves targets of cyberattacks. As a result, they are not implementing the proper safeguards to protect their information.
2. Methodology
• Survey performed by Applied Research
• 1,900 organizations worldwide
• SMBs (5 – 499 employees)
• Person in charge of computing resources
• Cross-industry
3. Key Findings
• SMBs are familiar with security threats and their impact
• SMBs don’t think they’re a target
• Not taking action
4. SMBs Are Familiar With Security Threats
• More than half of SMBs are somewhat/completely familiar with security
threats to the business:
– Distributed Denial of Service (55%)
– Shortened URLs (55%)
– Using smartphones for company
business (58%)
– Keystroke logging (58%)
– Targeted attacks (59%)
5. Impact of Malware to the Business
• Productivity would drop (54%)
• Hackers could gain access to proprietary information (36%)
• A targeted attack would drive
customers away (20%)
• A targeted attack would cause
revenue loss (46%)
6. Rate Security Threats as Moderate Risk to Business
• Rated the following as posing moderate risk to the organization
– Keystroke logging
– DDoS
– Website vulnerabilities
– Targeted attacks
– Using smartphones for company business
• Why?
7. SMBs Don’t Think They’re a Target . . .
• Half of SMBs stated that because they’re a small business, they’re not a
target for cybersecurity attacks
8. Not Taking Action
• Don’t know how to deal with DDoS attacks
• Participate in online banking without all of the safeguards
• Many haven’t implemented basic malware protection