Topline
Information security is a high priority for small business owners. However, a 2005 survey by the Small Business Technology Institute reveals that small business owners:
- Don't really understand the true economic impact of information security exposures
- Don't really understand the very real threats they need to manage against
- Tend to be much more reactive after a security incident than proactive to significantly reduce the possibility of such an event occurring
Purchase influencers and decision makers are primarily non-technical, and need to be educated about:
- Their true level of vulnerability, quantified in business terms
- Their company's ability to deal with threats
- How to approach the problem from both a business and a technical perspective
As the global business eco-system becomes ever more inter-connected and small businesses become more and more electronically linked to larger supply chains, their lack of information security readiness will spread the risk through all levels of the economy.
Key Statistics
- Approximately 70% of small businesses consider information security a high priority, and more than 80% exhibit confidence in their existing protective measures.
- ...but 56% have experienced one or more security incidents in the past 12 months...making perception at odds with reality.
- 74% of small businesses do not have an information security plan.
- At lease 40% of even the smallest businesses utilize local networks and mobile computing tools
- ...but almost one-fifth of them do not use virus scanning for e-mail - one of the most basic and widely known information security protection measures
- ...and over 60% do not protect their wireless networks with even the simplest form of encryption
Source: Small Business Technology Institute Survey, July 2005
