According to a survey of 1,015 U.S. small to medium sized businesses released on October 15th, these business owners and operators have a false sense of cybersecurity. The survey, conducted by the National Cyber Security Alliance (NCSA) and Symantec, found that 77% of the business owners asked say that their company is safe from cyber threats such as hackers, viruses, malware, or a cybersecurity breach, yet 83% have no formal cybersecurity plan.

This annual survey is being released in conjunction with National Cyber Security Awareness Month, a coordinated national effort focused on improving online safety and security for all Americans. The survey found that although small businesses are increasingly reliant on the Internet for daily operations, they are not necessarily taking any measures to keep their businesses safe and secure online.

It was found that 73% of small businesses say that a safe and trusted Internet is crucial to their success, however nearly 6 out of 10 of the businesses surveyed do not have a contingency plan outlining procedures for responding and reporting data breach losses. Also, 66% of the small businesses who participated in the survey say they are not concerned about cyber threats, whether it be internal (employee, ex-employee or contractor stealing data) or external (hackers or cyber-criminals stealing data).

Executive director of the National Cyber Security Alliance, Michael Kaiser, stresses the importance of having a contingency plan, saying that “we want U.S. small businesses to understand they cannot completely remain safe from cyber threats if they do not take the necessary precautions. A data breach or hacking incident can really harm SMBs and unfortunately lead to a lack of trust from consumers, partners and suppliers. Small businesses must make plans to protect their businesses from cyber threats and help employees stay safe online.”

The NCSA and Symantec are not the only companies with findings such as the above mentioned ones. Another study, by The Hartford Financial Services Group, found that small businesses do not consistently follow some standard practices for keeping their data and IT systems secure. Despite this, two-thirds of the companies asked believe that a data breach would harm relationships with customers and employees.

The NCSA suggests that small businesses stay safe online by following some very simple steps. A few of these steps including knowing what you need to protect, enforcing strong password policies, mapping out a disaster preparedness plan ASAP, and encrypting confidential information. NCSA officials say that small businesses can improve their online safety practices quickly and easily by following these guidelines.


National Cyber Security Alliance, “New Survey Shows U.S. Small Business Owners Not Concerned About Cybersecurity; Majority Have No Policies or Contingency Plans” 10/15/12

Stein, Robert A. “Business Workshop: Get unbiased IT advice” 10/15/12