When it comes to security, small and midsize businesses are largely unaware of the risks they face. Cybercrime is a serious problem which affects businesses of all sizes and can have devastating consequences.

U.S. small businesses should understand they cannot completely remain safe from cyber-threats if they do not take the necessary precautions. Although such threats existed long before malware emerged, data theft, fraud and industrial spying are all now typically conducted through cyber-attacks. The picture painted is of an environment under siege, with an alarming 41% of businesses acknowledging themselves less than ready to face cyber-threats.

Kaspersky Lab and B2B International recently conducted a survey among IT professionals working for large and medium-sized businesses to find out what IT specialists thought of corporate security solutions, to determine their level of knowledge about current threats, the sort of problems they most often face, and their ability to evaluate the risks associated by cyber-threats.
The Hacker News

Other key points included in the report:
  • The most common threats faced by IT specialists are malicious programs, spam, phishing, network intrusions and targeted attacks
  • Internal threats can be just as dangerous as external threats: the most common internal threat faced by IT professionals is software vulnerabilities, followed by data leaks due to the actions of staff or loss/theft of a device
  • 67% of respondents cited anti-malware as the main protection against cyber-threats, followed by software updates, the implementation of different levels of access rights to various IT systems, and encryption
  • The main problems IT security specialists face that result in an inability to perform their duties are budget constraints and lack of a clear understanding of IT security issues among senior managers
  • Increasing the level of computer literacy among staff is an essential element of security, while top management must be fully aware of the potential consequences of cyber-threats and understand that reliable protection of the corporate network is necessary to ensure the effective development of a company's IT infrastructure

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.