Encouraging Small Businesses to Invest in IT Security

4:46:55 PM | 9/19/2014

Very small businesses (VSBs) do not pay due attention to network security development, thus easily becoming victims of hackers and they then have to spend a lot of fixing problems arisen.
VSBs are a vital part of the global economy, with more than 75 million in the world. VSBs are defined to have fewer than 10 employees. They are important factors and major contributors to local economic development. They create millions of jobs and generate millions of US dollars of profit each year. Moreover, 64 percent of VSBs worldwide are forecast to grow strongly in the next two years.
According to experts, small businesses also face as many online risks as big companies do because they operate in many fields, often store and process sensitive data in online banking services, including their financial information and their customers’. Although online risks are obvious, rarely any small businesses pay due attention to network security problems. According to the latest Global Corporate IT Security Risks Survey conducted by B2B International Organisation in cooperation with Kaspersky Lab, up to 41 percent of small businesses pay much attention to products, service strategies and marketing strategies, including business development, customer relationship building and corporate image enhancement. Because of much focus on branding, only 19 percent of small businesses place the second priority on IT strategies, including security, much lower than the rate of big companies. Obviously, branding investment is the core in business operations but it will be a costly mistake if a company completely forgets network security and protection.
Why are small businesses uninterested in IT security?
One reason why IT strategy is not a priority of small businesses because they tend to underestimate the degree of IT threats. They usually underrate the development of malwares than big companies. Furthermore, they believe that criminals will not waste their time and effort on small businesses because they do not have enough value for them to dig up information. But, this is not the fact. According to data breach surveys by Verizon in 2013, more than 30 percent for data breach were found in companies with 100 employees or fewer. Due to the gap in perception and reality, small businesses rarely pay attention to IT security and they accidentally give cyber criminals a great opportunity to make easy money.
What are the consequences?
The short-sighted vision sometimes results in unforeseen consequences and costs much to address security incidents. According to the Global Corporate IT Security Risks Survey 2014, the average cost of a data breach in a medium and small business may reach US$375,000. This amount includes the loss of business opportunities, the recruitment of outside IT experts to fix problems and even the purchase of new devices. The average cost of professional services for serious data loss in small businesses is US$10,000. For a very small business, this amount of cost is likely a fatal blow. The loss is not only financial. 57 percent of data loss cases affect business operations. Their image and reputation can be ruined overnight. More than a half of data loss cases stain the name of companies.
Are companies ready to invest?
Big companies are more likely to invest in software and infrastructure, staff training and professional recruitment to prevent further attacks. They tend to be more open with investment ideas in high-end software solutions to secure their financial transactions. Anti-fraud solutions are specifically aimed to ensure the connectivity with their banks and ensure the highest security of financial transactions against cybercriminals. Much fewer small businesses are willing to invest protection solutions than big companies. More than half of small businesses (57 percent) have no intention of investing in protection solutions.
One important reason for the hesitance of small businesses in IT security investment because they feel there are no security solutions developed for their needs. They usually have to select software for individuals, not those specifically designed for businesses or high-grade complicated and costly software. According to experts, Kaspersky Small Office Security is designed to fill this gap. It provides management software specially designed to secure financial transactions.
The key to protecting VSBs is an appropriate priority in security needs. A small company does not need to start by investing such things as data loss prevention (DLP) or single-interface intensive management. VSBs can focus only on important security issues to them and select security providers with the intention of future corporate expansion.