Small businesses lack cyber protection — largely because they don’t think they need it, according to a new study from Digital.com, conducted by Pollfish.
Of the SMBs polled, 51% don't have protection against cyber attacks, although 21% are in the process of developing security measures, but 30% have no such programs in place. And 7% are unsure about their status.
Small business consultant Dennis Consorte says: "Customer data is valuable, and bad actors will stop at nothing to get it. In fact, they may target SMBs because they have less budget for protecting their customers’ information and are therefore softer targets."
Of the companies without protection, 59% feel they are too small to be targeted for cyber crime. Others cite limited online business, high cost and no dedicated cybersecurity staff.
However, most of the firms surveyed collect personal information that should be protected, including:
In addition, 25% of SMBs without digital security measures collect credit-card information, while 15% store personal bank-account information and 14% file Social Security numbers.
One factor in cybersecurity is the company’s workplace model. The survey found that 27% of online-only businesses do not practice cyber-safety measures, versus 21% of those with a hybrid model.
Meanwhile, 12% have suffered cyber attacks, and 90% of those have suffered lost revenue, while 24% have had their reputation damaged and 16% have lost customers.
Some small-business owners report they have installed antivirus or anti-malware programs, using a Virtual Private Network (VPN), hiring an IT staff or external cybersecurity firm, and training staff in cybersecurity best practices.
"Customer data is valuable, and bad actors will stop at nothing to get it,” says Consorte in a comment posted by Digital.com. “In fact, they may target SMBs because they have less budget for protecting their customers’ information and are therefore softer targets."
Online survey platform Pollfish surveyed 1,250 small-business owners with 500 employees or less from March 11-March 14, 2022.