SMBs Underestimate Potential Damage from Data Breaches

By Erin Harrison November 19, 2012

While small and medium-sized businesses (SMBs) are aware of potential security threats, they appear to underestimate the damage they can cause their business, according to a new study of U.S. and U.K.-based SMBs.

The top three threats to their organizations listed by U.S. respondents included “proliferation of unstructured data,” (69 percent), “unsecure third parties including cloud providers,” (65 percent) and “not knowing where all sensitive data is located, (62 percent),” according to the Faronics-commissioned study, “State of Cyber Security Readiness,” which was conducted by The Ponemon Institute.

In addition, more than three quarters of respondents in both the U.S. and U.K. – 76 percent and 77 percent respectively – cited check or credit card fraud either “likely” or “very likely” as the threats most likely to affect their organization’s ability to achieve its business objectives.


Image via Shutterstock

“Although organizations have become more aware of potential threats, they do not seem to accurately perceive the repercussions associated with data breaches,” Dmitry Shesterin, vice president of product management at Faronics, said in a statement. “Findings indicate that organizations do not understand the full costs and damages they will suffer as a result of a data breach. These organizations need to become more proactive about their security programs in order to minimize the damage they will inevitably experience from one, if not more, data breach.”

U.K. respondents’ concerns regarding security were slightly different: 62 percent believe “proliferation of end-user devices” is a key issue, as well as “lack of security protection across all devices,” (cited by 56 percent) and “unsecure third parties including cloud providers,” (53 percent).

The majority of U.S. SMBs (64 percent) cited lack of personnel as a primary barrier to achieving effective security; meanwhile, 62 percent of U.K. respondents consider “the complexity of compliance and regulatory requirements” as a key barrier. In addition, 50 percent of U.S. respondents noted “lack of central accountability” and 41 percent listed “lack of monitoring and enforcement of end users.”

In terms of the impact of data breaches on their organizations, more than half of U.S. and U.K. respondents cited the loss of time and productivity most frequently. Both U.S. and U.K. respondents also listed damage to their organization’s brand second. According to the findings among companies that experienced a data breach:

  • 42 percent of U.S. respondents and 38 percent of U.K. respondents stated they “lost customers and business partners”
  • 41 percent and 34 percent of U.S. and U.K. respondents, respectively experienced an increase in the “cost of new customer acquisition”
  • 35 percent of U.S. respondents and 31 percent of U.K. respondents “suffered a loss of reputation.”

“This is the first study to investigate what smaller companies in North America are doing to prevent and detect cyber attacks,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “Results indicate that companies tend to seriously underestimate the potential damage to brand and reputation, revealing a great data breach perception gap. Misconceptions about the consequences associated with a data breach are preventing organizations from implementing the necessary financial tools, in house-expertise and technologies to achieve cyber readiness.”




Edited by Brooke Neuman

Executive Editor, Cloud Computing

SHARE THIS ARTICLE
Related Articles

The NFL and Twitter Just Put Fans in Charge of the Future of Sports Viewing

By: Special Guest    5/26/2016

Ask ten people you know what the last thing they viewed live was and eight of them will tell you, a sporting event. The others may cite the occasional…

Read More

10 Tech Tools to Get You Through 2016

By: Drew Hendricks    5/24/2016

A great example of how simple tech innovations can make even the smallest things in our lives a little easier, the Oombrella, developed by Wezzoo, is …

Read More

The Bigger Picture Behind Facebook's Bias Accusations

By: Special Guest    5/23/2016

Facebook recently followed up with a stern position that there was no biased manipulation of presented topics in its 'Trending Topics' section.

Read More

Tamiami Angel Fund II Adds 10th Company to Investment Roster

By: Steve Anderson    5/19/2016

The Tamiami Angel Fund II (T2) has been busy in recent months, adding a slate of new investment targets to its roster. T2 recently added one new opera…

Read More

Artificial Intelligence is no Longer Science Fiction, It's a Reality

By: Special Guest    5/18/2016

Talend Chief Evangelist says rather than being frightened by the perceived threat of AI, it would be wise to embrace the possibilities.

Read More