While corporations and major enterprises are often the primary targets for hackers, small and medium-sized businesses (SMES) need not forget that they could soon next.
A survey conducted by Versasec found that company size and maturity level correlate with security readiness, with SMEs falling several steps behind that of their counterparts.
The reasons these businesses are dragging their feet may be because SMEs have not traditionally been the ideal targets for hackers, or because they face less pressure than their public company counterparts, leaving them able to push the issue of security under to rug.
In the wake of numerous corporate breaches like that of Target and Home Depot, public companies have invested heavily in security solutions like File Integrity Monitoring, Change and Configuration Management, System Hardening and Vulnerability Management. Hackers have begun to realize how unprepared SMEs are to prevent or detect a breach and have become an easy target for online criminals.
According to the Versasec survey, mobility (43%), cloud usage (32%), and external devices (22%) pose the greatest security threat against their organization. Network security was also a key issue among respondents, with nearly 74 percent claiming that’s their organizations main security focused effort for 2016. Respondents also claimed that 37% of security efforts this year are being focused on the arena of cyber security.
While many individuals were quick to admit their security pitfalls, many feel they are not ready to invest in fixing these issues. 40 percent of those surveyed stated that nearly 0 to 10% of their IT budgets are allocated for security needs, and approximately 36 percent said security spending this year would consume only 10 to 25% of their budget.
SMEs need to take the steps necessary to protect their assets against cyber threats using a layered approach to IT security. Truly layered security requires a mixture of preventative security – vulnerability management with breach detection- real-time file integrity monitoring. Integration is also key in enhancing the ease of use and cost of operation. For example, automatically leveraging threat intelligence to expose breach activity when it happens.
Read this article on Business Wire