SMB’s are falling behind in cyber security — is your company?

Considering October is Cyber Security Awareness Month, now is a good time to ask yourself the question: How often do you think about your company’s cyber security?

If your answer is “not often,” you have something in common with other small and medium businesses (SMBs).

As detailed in the Cisco 2015 Annual Security Report, SMBs show signs that their defenses against attackers are weaker than their challenges demand. Most surprisingly, they are using fewer processes to analyze compromises and fewer threat defense tools than they used last year. For example, 48 per cent of SMBs said in 2015 that they used web security; 59 per cent said they did in 2014. Only 29 per cent said they used patching and configuration tools in 2015, compared with 39 per cent in 2014.

In addition, of the SMB respondents that do not have an executive responsible for security, nearly one-quarter do not believe their businesses are high-value targets for online criminals. This belief hints at overconfidence in their business’s ability to thwart today’s sophisticated online attacks—or, more likely, that attacks will never happen to their business.

The repercussions of a cyber attack extend beyond the walls of the organization. Small and medium businesses play a critical role in national economies. When entrusted with data by their customers, SMBs also carry the responsibility of protecting this information from online attackers. In turn, these weaknesses can place SMBs’ enterprise customers at risk. Attackers that can breach an SMB network could also find a path into an enterprise network.

The first step in solving the problem is education. SMBs need to understand the challenges they must overcome to undermine the attackers’ impact. This is crucial, considering attackers are often taking advantage of vulnerabilities that organizations and end users could have known about and addressed. With knowledge, you can close the window of opportunity against them.

The theme of Cyber Security Awareness Month—Our Shared Responsibility—underscores how we must all be accountable, and work together to improve our online safety and security. So if you don’t often think about your company’s cyber security, now is a great time to get started.

Does your company have a plan for cyber attacks? Take the free “Introduction to Cybersecurity” course offered by Cisco’s Women Entrepreneurs’ Circle to learn the necessary basics. Simply fill in this quick survey for access.