sb-as logo
Story image

SMEs need to up their security game or risk becoming a target

SMEs are trailing far behind their larger counterparts when it comes to securing their data, according to new research from Versasec.

Joakim Thorén, Versasec CEO, says some reasons for the disparity in security readiness may be that SMEs have not as often been the targets of hackers, privately held companies don’t face the same pressures for security as do their public-company counterparts, and that they simply may have pushed off the issue.

However, as larger companies become increasingly sophisticated around security, hackers are re-aiming their sites at smaller companies, and many are simply not prepared, he says. For instance, of those surveyed, nearly 40% admitted they would like to better understand smart card management tools to help them meet their company’s security needs.

Other key findings of the study, which polled information technologists in a broad range of industries, included the following:

Mobility is daunting: Respondents from companies of all sizes cited mobility as the technology that poses the greatest security concern for them (43%). Other concerns include cloud usage (32%) and external devices/BYOD implementations (22%). The crux here, however, is that although SMEs are mature enough to recognise these security challenges, they may not be ready yet to invest in addressing them, as is evidenced by the next data point, Versasec says.

Network security is a key focus: Survey respondents said network security, at 74%, was where they are focusing their security efforts this year. Other key areas for investments in security include physical security (43%), two-factor identification (41%), and cyber security (37%).

Heavy reliance on simple security: The vast majority of respondents (86%) say username and password are a primary method for authenticating access to their company’s data, despite the very public breaches faced by many companies over the last few years. Physical smart cards are in use at slightly more than half the companies (54%). Other methods the companies said they use include public key infrastructure (43%) and one-time password (31%). Biometrics and virtual smart cards are distant followers, at just 16% and 12%, respectively.

Budgets are not security focused: Slightly more than 40% of those surveyed said their companies have committed just 0% to 10% their IT budget on security for 2016. Approximately 36% said security spending this year would consume between 10% and 25% of their budget. An additional 12% said they would spend between 25% and 50% of their budget on security.

“It will be interesting to look at these numbers in a year’s time and see whether the SMEs are stepping up their security spend, and why. For now, we are encouraged to see the interest in using smart cards as it’s the easiest and most cost effective way for securing a company’s IT domain today,” Thorén says.

Story image
Network visibility is the crux of security in 2020
Resilience sits at the heart of security, and there is a need for organisations’ architecture, processes and strategies to be more impervious in order to continue to ensure protection, writes Gigamon A/NZ manager George Tsoukas.More
Story image
Microsoft takes legal action to disrupt botnet and combat ransomware
Microsoft has announced it took action to disrupt a botnet, Trickbot, one of the world's most infamous botnets and prolific distributors of malware and ransomware.More
Story image
Video: 10 Minute IT Jams - Security expert discusses changing cyber-attacker behaviour
In this Jam to SonicWall senior manager of product marketing Brook Chelmo, who talks about the specific changes in cyber-attacker behaviour he's seen unfold this year, as well as some best practices that should be employed by CISOs to combat increasing risk profiles.More
Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
Ransomware attacks skyrocketed in past three months - Check Point
The daily global average of ransomware attacks jumped 50% in last quarter, compared to 1st half of 2020.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More