WASHINGTON and MOUNTAIN VIEW, Calif. – October 15, 2012 – U.S. small business owners or operators have a false sense of cybersecurity as more than three-fourths (77 percent) say their company is safe from cyber threats such as hackers, viruses, malware or a cybersecurity breach, yet 83 percent have no formal cybersecurity plan. These findings are from a new survey released today of 1,015 U.S. small- and medium-sized businesses (SMBs) by the National Cyber Security Alliance (NCSA) and Symantec.
This annual survey is being released in conjunction with National Cyber Security Awareness Month, a coordinated national effort focused on improving online safety and security for all Americans. The survey findings reveal some disparities such as the need for establishing Internet security policies and practices, handling and responding to data breaches, and providing consistent IT/security management at their businesses. Although SMBs increasingly rely on the Internet for daily operations, they are not taking the necessary measures to keep their businesses safe and secure:
"We want U.S. small businesses to understand they cannot completely remain safe from cyber threats if they do not take the necessary precautions," said Michael Kaiser, executive director of the National Cyber Security Alliance. "A data breach or hacking incident can really harm SMBs and unfortunately lead to a lack of trust from consumers, partners and suppliers. Small businesses must make plans to protect their businesses from cyber threats and help employees stay safe online."
"It's terrifying that the majority of U.S. small businesses believe their information is protected, yet so many do not have the required policies or protection in place to remain safe," said Brian Burch, vice president of Americas Marketing for SMB, at Symantec. "Almost 40 percent of the over 1 billion cyberattacks Symantec prevented in the first three months of 2012 targeted companies with less than 500 employees. And for the small, poorly protected companies that suffer an attack, it's often fatal to their business."
Additional survey findings revealed the disparities between online safety perceptions and actual practices, which include:
On a positive note, companies born of the recession are leading by example. Companies born since 2008 are almost 20 percent more likely than older small businesses to have a written plan in place for keeping their business secure from cyber threats.
Small businesses can improve their online safety practices in a number of areas, especially when it comes to establishing policies and protocols for safe Internet use, with these simple ways to stay safe online:
For additional information on how to prevent cybercrime before it happens, check out the STOP. THINK. CONNECT. Campaign at http://stopthinkconnect.org/tips-and-advice/. NCSAM supporters can get the latest news and updates on Facebook at www.facebook.com/staysafeonline and on Twitter at @StaySafeOnline. The official Twitter hashtag of NCSAM is #ncsam. The National Cyber Security Awareness Month Web Portal is also available at: http://www.staysafeonline.org/ncsam/ and a calendar of additional NCSAM events can be found at: http://staysafeonline.org/ncsam/events.
JZ Analytics conducted the small business survey from September 27-29, 2012. The survey firm, founded by John Zogby, surveyed 1,015 U.S. small businesses (less than 250 employees) across the United States. The margin of error is +/- 3.1 percentage points and margins of error are higher in sub-groups. The full study and a fact sheet are available at: http://www.staysafeonline.org/stay-safe-online/resources/.
The National Cyber Security Alliance is a non-profit organization. Through collaboration with the government, corporate, non-profit and academic sectors, the mission of the NCSA is to educate and empower a digital citizenry to use the Internet securely and safely protecting themselves and the technology they use and the digital assets we all share. NCSA board members include: ADP, AT&T, Bank of America, EMC Corporation, ESET, Facebook, Google, Intel, McAfee, Microsoft, PayPal, Science Applications International Corporation (SAIC), Symantec, Trend Micro, Verizon and Visa. Visit www.staysafeonline.org for more information and join us on Facebook at www.facebook.com/staysafeonline.
Symantec protects the world's information, and is the global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our industry-leading expertise in protecting data, identities and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at: go.symantec.com/socialmedia.
The campaign was developed by the STOP. THINK. CONNECT. Messaging Convention, a public-private partnership established in 2009 and led by The Anti-Phishing Working Group (APWG) and National Cyber Security Alliance (NCSA) to develop and support a national cybersecurity awareness campaign. The Department of Homeland Security provides the Federal Government's leadership for the campaign. Industry, government, non-profits and education institutions participate in STOP. THINK. CONNECT. Learn how to get involved at the STOP. THINK. CONNECT. Facebook page at https://www.facebook.com/STOPTHINKCONNECT, on Twitter at @STOPTHNKCONNECT, and the campaign website at www.stopthinkconnect.org.