Cyber defences of SMEs lag behind larger firms, study confirms

Small to medium-sized enterprises (SMEs) suffer more from malware than larger organisations, but their security procedures are lagging behind, says security firm, Kaspersky Lab.

Download this free guide

The importance of web security

Join us as we take a look at the different approaches you can take in order to bolster your web security. We find out how to identify and address overlooked web security vulnerabilities, how security controls affect web security assessment results and why web opportunities must be met with appropriate security controls.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

SMEs are typically more vulnerable to viruses, worms, spyware and other malicious software, according to Kaspersky Lab’s latest Global IT Security Risks survey.

The survey, which polled more than 3,000 information security professionals in 22 countries, found that 63% of small companies and 60% of medium-sized organisations have faced malware within the business network over the past 12 months.

Larger companies, by contrast, tend to suffer more from other threats, such as corporate espionage, phishing and distributed denial of service (DDoS) attacks.

Smaller organisations were also found to implement fewer, or less well-developed, IT security measures than large-scale enterprises.

Some 19% of small businesses and 15% of medium-sized organisations agreed that their business tends to be reactive, focusing on IT security only after a breach has occurred. Less than a quarter of SMEs rate themselves as “really proactive”.

The study also found that larger enterprises have a higher level of awareness and IT security competency. About half of these enterprises use only licensed and paid security solutions, while 70% of respondents from small companies and 58% of medium-sized businesses believe that unlicensed products can also provide the required protection.

“These findings demonstrate that SMEs are at risk due to poor IT security. It is essential to change attitudes towards this risk, and enhance protection levels, in order to keep businesses safe,” the survey report said.