• United States



by CSO staff

Study: More than 50% of SMBs were breached in the past year

Jul 06, 20162 mins
CybercrimeData and Information SecurityData Breach

"Negligent employees or contractors and third parties caused most data breaches," according to the report. "However, almost one-third of companies in this research could not determine the root cause."

security hole in fence clouds gap opening
Credit: Anton Novikov/Thinkstock

A new study conducted by the Ponemon Institute and sponsored by password management provider Keeper Security analyzed the state of cybersecurity in small and medium-sized businesses (SMBs) and found that confidence in SMB security is shockingly low (just 14% of the companies surveyed rated their ability to mitigate cyber attacks as highly effective).

“We’ve conducted many surveys on enterprise cybersecurity in the past but this unique report on SMBs sheds light on the specific challenges this group faces,” said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. “Considering the size of the SMB market in the United States alone, this information can be useful to diminish the risk of breach to millions of businesses.”

Among the findings of this survey of 600 IT leaders at businesses with between 100 and 1,000 employees:

  • 50 percent of respondents reported that they had data breaches involving customer and employee information in the last 12 months.
  • Three out of four survey respondents reported that exploits have evaded their anti-virus solutions.
  • 59% of respondents say they have no visibility into employees’ password practices and hygiene.
  • 65% do not strictly enforce their documented password policies.

Not surprisingly, the study reveals that insufficient personnel, budget and technologies are seen as the primary reasons for low confidence in cybersecurity posture. But for 35% of respondents another contributing factor is that IT security priority determination is not centralized to one specific function in a company. The result: reduced accountability and less informed decision making.

To learn more, download the study at the following link:

Register now for a link to the study and to view an infographic with more key findings from The 2016 State of SMB Cybersecurity research report.