Small and medium sized businesses (SMBs) have developed a false sense of security and remain naïve about the threats, according to McAfee.
The security firm issued a new report which examined the attitudes of SMBs regarding security.
Nearly a third of the companies surveyed had been attacked four or more times in the past three years. A quarter of those attacks took the company more than a week to recover.
However, the companies surveyed by and large believe that they are not prime targets for attack.
Some 52 per cent said that their company was too small to be noticed by criminals, while 46 per cent did not believe that their company could make a cyber-criminal any money.
"Just because a business is small does not mean that it is immune to security threats," said Darrell Rodenbaugh, senior vice president of the mid-market segment at McAfee.
"For businesses of all sizes, viruses, hacker intrusions, spyware and spam can lead to lost or stolen data, computer downtime, decreased productivity, compliance issues, lost sales and even loss of reputation."
Time is also a major liability, according to McAfee. The study found that 42 per cent of SMBs have an hour or less to spend on security management, while 43 per cent run with the default settings on all IT equipment.
"Time constraints are definitely a contributory factor to SMB security," said Rodenbaugh.
"In focus groups, SMBs have told us that they do not have enough time and they would rather not do anything rather than give it to someone else to do."
Small firms naive about security
By Shaun Nichols on Jul 24, 2008 9:57AM