BreachExchange mailing list archives
Small-business owners don't plan for cyberattacks, survey finds
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 13 Nov 2015 15:37:10 -0700
http://www.securityinfowatch.com/news/12137401/small-business-owners-dont-plan-for-cyberattacks-survey-finds Cyberattacks on some of the nation's biggest businesses have exposed the personal information of tens of millions, yet most small businesses don't have a plan to respond to such attacks, according to a survey commissioned by Nationwide. The survey, released on Tuesday, found that 8 in 10 small-business owners do not have a cyberattack-response plan, even though a majority of them have been victims of at least one type of attack. The survey, based on results from 500 small-business owners, found that 46 percent think their current software is secure enough and 40 percent don't think their company would be affected. "We're still in the state that 'it won't happen to me,'" said Tony Fenton, an associate vice president for Nationwide. Fenton said small-business owners need to be educated on the solutions in the marketplace to help fight cyberattacks. "Maybe they don't perceive themselves as a target," he said. "But a look at the research shows that they are as much of a target as a large company." Even though many are unprepared, 73 percent of the business owners surveyed say they are concerned about cyberattacks, and 63 percent say they've been a victim of at least one type of attack, including computer viruses, hacking, data breaches and phishing. Nationwide began offering cyberinsurance a year ago that protects against cyberthreats, including the loss of a company's computer data, disclosure of information about customers and identify theft. Nationwide also provides experts to help customers work through the cyberattack and recover from it. Fenton said the risk of cyberattack is as much of a threat to small businesses as are fire and theft. "There is a gap of thinking within the small-business community," he said. "They think the software is strong enough or there really isn't a risk." Ted Johnson, the tax- and litigation-support partner with accounting firm Parms & Co. in Columbus, said the company is always worried about cyberattacks but is well-prepared to stop one. "Given the fact that we are CPAs, what better place to mine for data than a firm that does taxes," he said. The company has built enhanced firewalls and security systems meant to block potential breaches, he said. "People need to be aware that it can happen. It's out there and has been a problem," he said. One problem many businesses have faced recently is the hijacking of computer systems, demanding ransom in exchange for returning control. Johnson also said employers face risks when they allow employees to use office computers to access social-media sites such as Facebook that can expose the company to hackers. Also, employees will open emails from senders that they don't recognize. He said employers often fail to tell their employees not to do that.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Small-business owners don't plan for cyberattacks, survey finds Audrey McNeil (Nov 20)