A new study carried out by AMI Partners, on behalf of McAfee claims that 62.5% of businesses surveyed have experienced a cyber attack in the last year.
The research surveyed 200 businesses (25 to 200 employees) and found that 62.5% of respondents have experienced a cyber-attack in the form of virus, worm or Trojan in the last 12 months, with 51.5% of the surveyed business compromised three or more times.
Technology decision makers were interviewed via telephone and the aim was to observe the different security threats and challenges businesses face, and the impact they’ve had.
Amongst the respondents, 44.5% indicated they experienced a security breach or data loss due to deliberate sabotage from current or ex-employees in the last year.
Results show that of those technology decision makers surveyed, 25% aren’t confident that their business is sufficiently protected from electronic threats.
“Our research is a wakeup call for SMBs indicating that it’s not just the larger companies out there which are targeted by cyber-attacks, but smaller companies with a limited investment in infrastructure as well,” said Robbie Upcroft, SMB Lead at McAfee Asia Pacific.
Of the SMB respondents, 78% use the Bring Your Own Device (BYOD) policy. This enables employees to buy technology devices and use them for work. The other 22% of surveyed businesses only allow approved devices provided by the company.
“BYOD is a fascinating area of security as it is changing the face of IT security with the quite justifiable demand of employees to use their own devices for work purposes, that is now opening up enormous amounts of confidential business data to relatively insecure, or even totally insecurity, devices,” said Upcroft.
Results show 56% of respondents do not have any form of antivirus or mobile device management on employees’ smart devices and 18% have no idea if they do.
“SMBs need to realise that the true price of BYOD is a lot larger than they might initially think – especially with so many making no move at all to have mobile device management or antivirus on these devices holding their business data,” commented Upcroft.
Of those technology decision makers surveyed, 55% have said they have experienced a loss of notebook or desktop in the last year, 29% of them have had this happened three or more times.
The theft or laptop or PC has been experienced by 47% of SMBs surveyed, 29.5% have experienced this three or more times in the past 12 months.
“Whether SMBs need education on the kind of threats to their business that are out there, or whether it’s something even more practical, such as a managed service provider taking over their security operators, the sector appears to need all the help it can get,” adds Upcroft.
Half of SMB respondents were unaware of the changes to Australian Privacy Act (1988) that will be implemented from March 2014 regarding the increase of penalties, which may be imposed on businesses that have made serious breaches of privacy.
The Privacy Amendment (Enhancing Privacy Protection) Bill 2012 was passed in November last year declaring that public and private businesses will face stricter privacy requirements. In the media release last year, the privacy commissioner urged all businesses to start preparing to ensure they are complying with current privacy policies and business processes and practices.
There are 55.5% of those surveyed that believe these changes will have no impact on privacy procedures.
“Simply put, good privacy equals good business. With less than ten months until the changes to the Privacy Act come into play, SMBs should seriously consider how these changes may affect their businesses,” said Joel Camissar, practice head data protection at McAfee Asia Pacific.