New survey finds only 9% of SMBs concerned about internal IT security threats
HOME
PAGE
MEMBER RESOURCES
ABOUT US
FORUMS
PARTNERS
PRODUCTS & SERVICES
FREE RESOURCES
LOGIN
HERE
JOIN
NOW!
You are not logged in. Access is limited. Login or see membership information. • Streetwise Security Zone Community

The Streetwise Security Zone Discussion Forums are a great way to see what other managers are doing about security and what problems they have faced. You can find a lot of helpful hints and tips that could save you time and money.

You must join The Streetwise Security Zone (click HERE) in order to reply or post new items in the forums.
Author Message

NatashaWoods
Professional

Subject: New survey finds only 9% of SMBs concerned about internal IT security threats
Security Management Discussions
posted by NatashaWoods on Tuesday, September 29th 2009 @ 1:35 PM

It is estimated that nearly 90 percent of all data breaches involve insider negligence, yet the results of a survey announced today by security software provider GFI Software revealed only 9 percent of small-medium businesses (SMBs) said they are concerned about internal threats. Further, the survey found that the threat posed by employees leaving the company with confidential data was of concern to only 26%, the lowest rated. This is a concern, especially in a down economy with layoffs and benefit cuts which tend to lead to more employees who are unsatisfied with their jobs. According to a report from the Ponemon Institute announced earlier this year, a data breach costs approximately$6 million per breach, an amount that would be crippling to most SMBs.

The full survey report is available for download at http://www.gfi.com/documents/SecurityReport2009.pdf.

Other GFI survey highlights include:

  • The survey gives an indication of how threats are perceived by SMBs and their source: the IT security threats that most concern SMBs are accidental data corruption, malware attacks and external. Fifty-one percent (51%) said that they are concerned about Web-borne malware. However, only 9% said they are concerned about internal threats. The threat posed by employees leaving the company with confidential data was of concern to only 26%, the lowest rated.
  • Nearly half of SMBs underestimate the impact uncontrolled access to the Internet can have on their organization – in terms of network security, productivity levels and HR.
  • Although the majority of SMBs (61%) have security policies in place regarding Internet use, far fewer have the means to monitor and/or filter the HTTP traffic and lless than half (47%) say they have the means to do so
  • Email compliance and eDiscovery appear to be low on the list of priorities for many of the respondents. When asked if they have rules or policies governing the storage and/or retention of emails, 63% said they did not have any rules stating where emails should be stored, however of those, 18% said they were planning to do so. On the other hand, 66% of respondents do not have email retention rules.
  • Of those using Web filtering software, the majority (67%) said they use it for security against virus and malware downloads, 55% to prevent illegal and/or unacceptable Web browsing and only 36% to monitor employee browsing activity.

This survey was sponsored by GFI to assess the readiness of the small and medium businesses (SMBs) in the U.S. in dealing with security issues, and to determine how priorities in IT security have changed in the SMB market due to the current economic environment. The online survey was conducted among 540 IT professionals with decision-making authority or specific responsibility for IT security, and work at a SMB that has 500 or less employees.



Copyright 2012. Security Perspectives Inc. All Rights Reserved.