SMBs in denial about cyber crime: McAfee 24 July, 2008 By Vanessa Ho

PromoPipeline Exclusive Channel Promotions Find Out How You Can Make Money Today! ENROLL FREE! >> Factory Direct Should Not be Cheaper William Vanderbilt - Innovative Learning Channels Cloud Ecosystem II: A Candid Conversation with Oracle Beth Vanni - Amazon Consulting Cloud Ecosystem: A Candid Conversation with Rackspace Hosting Beth Vanni - Amazon Consulting Channel Manager Compensation William Vanderbilt - Innovative Learning Channels Financial Expertise William Vanderbilt - Innovative Learning Channels

500 IT decision makers from companies with two to 1,000 employees were interviewed and the report revealed that 44 percent felt that cybercrime was an issue for larger organizations. Another 52 percent believed that they were not well-known enough to be on the radar of cybercriminals. Almost half said they did not think they were a valuable target for cybercriminals and 46 percent did not think they would make a cybercriminal any money.

However, McAfee discovered that a third (32 percent) of North America's SMBs have been attacked more than four times by cybercriminals in the last three years. The impact was that a quarter of those attacked (26 percent) took an entire week to recover. Canadian businesses were most affected with a third (36 percent) taking a week to recover.

"SMBs are truly exposed to the same cyber threats as their enterprise counterparts," said Darrell Rodenbaugh, senior vice-president of the mid-market segment at McAfee. "In fact there are some experts that would say they are greater targets because it is popularly known [SMBs] don't have the same protection in place that their enterprise counterparts do."

He added the reality is IT managers in SMBs face a paradox. They understand that are at risk but they are faced with limited resources and a lack of time. McAfee found that almost half of SMBs (42 percent) have just one hour a week to spend on proactive IT security management despite the fact that almost one in five (21 percent) acknowledged that an attack could put them out of business.

"Since many of the SMBs surveyed have just one hour per week to spend on IT security, our advice is to find a trusted partner that can help them assess their risk," stated Rodenbaugh. "Choosing a managed solution and outsourcing security helps SMBs free up their time to focus on other priorities, confident in the knowledge that their IT security needs are covered by an expert. It can also mean security technologies that are otherwise out of their price range are available to them."

He added there needs to be products developed that are smart, simple and secure to help SMBs manage this paradox as they will always be exposed to cyber crime.

Additionally, the report noted that 20 percent of those surveyed said they had strong security protection, two-thirds said they had decent protection and 20 percent said they had no protection at all, which is a result that surprised Rodenbaugh considering this day and age.

"I thought the percentage would have been in single digits but three to four years ago, [this result] wouldn't have surprised me as companies [then] were becoming more and more sophisticated and realizing they needed protection in place," he added.

Education and awareness is important to help SMBs realize they are as much at risk as large enterprises, said Rodenbaugh. He added that SMBs can implement some technologies like anti-virus to shore up their defences from traditional malware as well as e-mail and web security to protect against threats and attacks coming from e-mail and the web.

"For businesses of all sizes, viruses, hacker intrusions, spyware and spam can lead to lost or stolen data, computer downtime, decreased productivity, compliance issues, lost sales and even loss of reputation," stated Rodenbaugh. And he reiterated that just because a business is small, it doesn't mean it's immune to security threats.