Small businesses underestimate cyberthreats from employees

A new study has found that only 36% of small businesses (up to 50 employees) worldwide worry about their staff’s carelessness leading to a cyber attack, while more than half of medium-sized businesses (53%) and large enterprises (51%) consider it a concern.

According to the 2016 Kaspersky Lab Corporate IT Security Risks survey, in North America, small businesses (31%) are even less concerned about cyber threats as the result of employee carelessness than the global average, while medium-size businesses (45%) and large corporations (50%) express their concern.

Uninformed or careless staff, whose inappropriate use of IT resources can put any organisation’s cyber protection in jeopardy, regardless of the type or size of the business. These findings show that small businesses need to become more aware of these potential threats to the organisation and implement protective security measures to avoid a cyber attack.

Worldwide, employee actions are among the top three security challenges that make companies of all sizes feel vulnerable. More than half (61%) of the businesses experiencing cyber security incidents globally admitted that careless and uninformed employee behaviour has been a contributor.

“In small businesses without dedicated IT personnel, it is often the case that staff have to implement cybersecurity themselves – for example, by installing free antimalware solutions with limited functionality,” said Vladimir Zapolyansky, head of SMB marketing at Kaspersky Lab.

“This poses major risks for a company because one employee’s carelessness can easily affect all data within the organisation – leading to instant losses in time, clients’ data and money’. Businesses should implement solutions specifically designed for small and medium-sized businesses, with protection that any IT administrator, even with low IT skills, can easily maintain from everywhere.”

More information on how businesses perceive IT security challenges can be found in a recently published report, Business Perception of IT Security: In the Face of an Inevitable Compromise.