Panda’s PR department sent me the following yesterday:
Panda Security, the Cloud Security Company, today announced the results of the United States edition of its second annual International Barometer of Security at small- and medium-sized businesses (SMBs). The study, which surveyed nearly 10,000 SMBs around the globe and more than 1,500 in the United States, revealed that 46 percent of U.S. SMBs have fallen victim to cybercrime, up two percent from last year’s survey.
The 2010 survey revealed there has been little to no improvement from last year in SMBs using industry standard protection methods. Thirty-one percent of businesses are operating without anti-spam, 23 percent have no anti-spyware and 15 percent have no firewall.
“Many SMBs simply don’t have the resources in terms of budget, time and human capital to devote to protecting their computers and sensitive data,” said Sean-Paul Correll, threat researcher at PandaLabs. “The study results are proof that IT service providers and vendors have an important role to play in educating small businesses on threats, and helping them determine the best way to protect themselves.”
No question there; I’m in a constant dialogue with my clients about security. In fact, I’m conducting a web chat this evening on that very subject. The problem is that people either don’t listen, don’t get it, or a combination of both. Witness these statistics from the report:
– The infection ratio at U.S. companies has slightly increased since last year (46 percent in 2010 compared to 44 percent in 2009). It has dropped in Europe (49 percent in 2010 compared to 58 percent in 2009);
– U.S. SMBs named the Internet and USBs/external memory devices as the top methods for computer infections to enter the company (32 percent). E-mail (21 percent) and downloads/P2P (14 percent) were the other popular infection points;
– Viruses are the most popular threat SMBs are encountering (45 percent), followed by spyware (23 percent).
We have our work cut out for us, fellow security wonks!