Home News 60% of Small Businesses Do Not Have a Cybersecurity Policy: Survey

60% of Small Businesses Do Not Have a Cybersecurity Policy: Survey

2020 is the “Worst Year on Record” in Terms of Data Breaches: Survey

Social distancing amid COVID-19 has forced millions of businesses to set up remote workstations that rely solely on Web applications and services (SaaS) to conduct business operations.  According to a new survey by the Cyber Readiness Institute (CRI), the virtual workplace has increased cybersecurity concerns for small business owners, as most of them have not implemented remote working policies to address cybersecurity threats.

The survey, which included 412 small business owners, revealed that while most small business owners are concerned about cyberattacks, many  lack the resources to invest in necessary security measures – and  half of them are worried that remote work will lead to more cyberattacks. It revealed that only 40% of small businesses have implemented a cybersecurity policy. Around 40% of businesses stated that economic uncertainty prevents them from making security investments. While 46% have offered training to help their employees stay secure while working remotely.

Nearly 51% of business owners surveyed said they provided employees with technologies to improve cybersecurity for remote work. And 55% of them said they believe federal and state governments should provide funding for cybersecurity products and services.

“These are extremely challenging times for companies, especially small businesses, as revenue and resources are as unpredictable as they have ever been. However, cybersecurity investments aren’t always tied to dollars and cents. Several free tools, that focus on human behavior, offer important guidance on helping small businesses become more cyber ready. The cyber hygiene basics will go a long way in keeping small businesses resilient in this time of increased threats,” said Kiersten Todt, Managing Director of CRI.

How Small Businesses Can Protect Themselves from Cyberattacks

Small Medium Businesses (SMBs) must start taking cyberthreats more seriously, and this starts with education – for business leaders as well as employees. Many SMBs have convinced themselves that they’re incapable of protecting themselves from cyberthreats, but this couldn’t be further from the truth. Not only are there powerful security tools at their disposal – such as data-at-rest encryption and multi-factor authentication – but they’re also capable of turning one of their biggest vulnerabilities into a strength.

Human error is by far the biggest cause of cybersecurity breaches. While this is disconcerting, it’s also empowering – when SMBs make cybersecurity training a top priority, they can drastically reduce their risk without spending tens of thousands of dollars on cutting-edge digital solutions. This isn’t to say technology isn’t an important element of cybersecurity, but it’s always worth remembering that the most advanced piece of hardware on the planet is the human brain.

One in Three SMBs Rely on Free Cybersecurity Tools or Nothing

One in three small businesses with 50 or fewer employees rely on free or consumer-grade cybersecurity tools stated a research commissioned and published by BullGuard. The research also pointed out that one in five companies do not use any endpoint security whatsoever. The research, which surveyed small businesses in the U.K. and the U.S., suggested that nearly 43% SMB owners are not prepared for a potential cyberattack or breach leaving their most sensitive financial, customer, and business data at risk.