NEY, Australia – 21 November 2011 – Symantec Corp. (Nasdaq: SYMC) today announced the findings of its 2011 SMB Threat Awareness Poll, which revealed that while awareness is high, SMBs don’t consider themselves targets of cyberattacks. As a result, they are not implementing the proper safeguards to protect their information. The SMB Threat Awareness Poll examined the awareness levels of small and medium sized businesses (SMBs) regarding the dangers of security threats, and how well they are prepared to defend against them.

“While SMBs know the dangers of cyberattacks, many of them don’t recognise they are at risk,” said David Dzienciol, Symantec’s vice president for SMB and Channel, Asia Pacific and Japan. “Cybercriminals don’t choose their targets based on the size of the business. They are seeking confidential information for financial gain and SMBs are increasingly appealing targets when their guard is down.”

“It is more important than ever for SMBs to take the necessary steps to keep their information safe. Simple initiatives such as education and adopting best practice processes and technologies can significantly strengthen their cybersecurity measures.”

Survey Highlights

• SMBs are familiar with security threats

The survey shows that more than half of SMBs are familiar with many different security threats to the business, including targeted attacks, keystroke logging, and the risks that come with using smartphones for company business. More than half (54 per cent) stated that malware would cause a loss of productivity, and 36 per cent recognised that hackers could gain access to proprietary information. In addition, respondents said a targeted attack would impact the business. Forty-six per cent stated that a targeted attack would cause a revenue loss and 20 per cent said it would drive customers away.

• SMBs don’t see themselves as targets

Surprisingly, although SMBs know the dangers of cyberattacks, they don’t feel they are at risk. In fact, half of SMBs think that because they are a small company, they aren’t in danger – it’s primarily large enterprises that have to worry about attacks. This is in direct contrast to the evidence. According to data from Symantec.cloud, since the beginning of 2010, 40 per cent of all targeted attacks have been directed at companies with fewer than 500 employees, compared to only 28 per cent directed at large enterprises.

• SMBs not taking action

Because SMBs don’t see themselves as targets, many of them are failing to take basic precautions to protect their information. While two-thirds restrict who has login information, a shocking 63 per cent don’t secure machines used for online banking and 9 per cent don’t take any additional precautions for online banking. More than half (61 per cent) don’t use antivirus on all desktops, and 47 per cent don’t use security on mail servers/services.

Recommendations

In order to keep sensitive corporate information safe, there are several simple practices SMBs can follow to protect against cyberattacks.

• Educate employees: Develop Internet security guidelines and educate employees about Internet safety, security and the latest threats. Part of the training should focus on the importance of regularly changing passwords and protecting mobile devices
• Assess your security status: SMBs are facing increased risks to their confidential information, so safeguarding data is critical. One data breach could mean financial ruin for an SMB. Know what you need to protect. It’s important to understand your risks and security gaps so that you can take steps to protect your information
• Take action: Be proactive and develop a security plan. Consider items such as password policies, endpoint protection, the security of email and Web assets, and encryption. You should also evaluate whether on-premise or a hosted service would best suit the needs of your organisation

Symantec’s 2011 SMB Threat Awareness Poll
Applied Research fielded this survey by telephone in September 2011. They spoke with 1,900 organisations worldwide. Of the organisations surveyed, 25 per cent came from businesses with 5 to 49 employees, 25 per cent came from businesses with 50 to 99 employees, 25 per cent came from businesses with 100 to 249 employees, and 25 per cent came from businesses with 250 to 499 employees. In all cases they spoke to the person who managed their computing resources. The survey includes 700 respondents from 10 countries in the Asia Pacific and Japan region including Australia, Indonesia, Japan, Malaysia, New Zealand, Philippines, Singapore, South Korea, Thailand and Vietnam.

Resources

• Report: SMB Threat Awareness Poll Global Results 2011
• SlideShare: SMB Threat Awareness Poll Global Results 2011

Connect with Symantec

• Follow Symantec on Twitter
• Join Symantec on Facebook
• Subscribe to Symantec News RSS Feed
• View Symantec’s SlideShare Channel
• Visit Symantec Connect Business Community

About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organisations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.