"Negligent employees or contractors and third parties caused most data breaches," according to the report. "However, almost one-third of companies in this research could not determine the root cause." Credit: Anton Novikov/Thinkstock A new study conducted by the Ponemon Institute and sponsored by password management provider Keeper Security analyzed the state of cybersecurity in small and medium-sized businesses (SMBs) and found that confidence in SMB security is shockingly low (just 14% of the companies surveyed rated their ability to mitigate cyber attacks as highly effective).“We’ve conducted many surveys on enterprise cybersecurity in the past but this unique report on SMBs sheds light on the specific challenges this group faces,” said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. “Considering the size of the SMB market in the United States alone, this information can be useful to diminish the risk of breach to millions of businesses.”Among the findings of this survey of 600 IT leaders at businesses with between 100 and 1,000 employees:50 percent of respondents reported that they had data breaches involving customer and employee information in the last 12 months.Three out of four survey respondents reported that exploits have evaded their anti-virus solutions.59% of respondents say they have no visibility into employees’ password practices and hygiene.65% do not strictly enforce their documented password policies.Not surprisingly, the study reveals that insufficient personnel, budget and technologies are seen as the primary reasons for low confidence in cybersecurity posture. But for 35% of respondents another contributing factor is that IT security priority determination is not centralized to one specific function in a company. The result: reduced accountability and less informed decision making. To learn more, download the study at the following link: https://signup.keepersecurity.com/state-of-smb-cybersecurity-report/.Register now for a link to the study and to view an infographic with more key findings from The 2016 State of SMB Cybersecurity research report. Related content news analysis LogoFAIL attack can inject malware in the firmware of many computers Researchers have shown how attackers can deliver malicious code into the UEFI of many PCs though BIOS splash screen graphics. By Lucian Constantin Dec 08, 2023 8 mins Malware Malware Cybercrime news Google expands minimum security guidelines for third-party vendors Google's updated Minimum Viable Secure Product (MVSP) program offers advice for working with researchers and warns against vendors charging extra for basic security features. By John P. Mello Jr. Dec 08, 2023 4 mins Application Security Supply Chain news New CISO appointments 2023 Keep up with news of CSO, CISO, and other senior security executive appointments. By CSO Staff Dec 08, 2023 28 mins CSO and CISO Careers Security news Top cybersecurity product news of the week New product and service announcements from Coro, Descope, Genetec, Varonis, Cloudbrink, Databarracks, and Security Journey By CSO staff Dec 07, 2023 22 mins Generative AI Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe