New Cisco report: SMB security posture catches up to enterprise counterparts


Small-to-medium businesses (SMBs) have a lot of things to deal with. They have a huge number of responsibilities but not a lot of resources to do them with and even fewer people to perform them when compared to enterprises. One area in particular that wasn’t really addressed in the past is cybersecurity, because companies that ran lean on staff usually couldn’t afford to have a dedicated security person. 

There can be a great deal of confusion about this issue in the public eye, as well as questions such as, “Why was this place attacked?” or “Don’t they care who they’re hurting?” The one that happens most often is, “They’re too small a target to be worth anything.” 

Despite this, over the past few years, there has been a major shift in the way that SMBs handle cybersecurity. This is because one key element has changed the entire game: automated attacks don’t care who you are or how small your company is. 

As a result, SMBs have started to see the impact that ignoring this threat can cause and have begun to move towards a more secure posture simply because they can’t afford not to. Cisco recently published a report detailing these findings, entitled “Big Security in a Small Business World“. For the scope of this report, Cisco is referring to organizations between 250 and 500 people as SMBs.


Attacks don’t care whether you’re big or small. Larger targets may invite numerically more attacks and more determined attackers, true, but attacks of opportunity still happen. 

SMBs have shown that they are taking these threats seriously and for the most part are trying to be transparent with the public as a result, with 50% of SMBs polled saying that they’ve had to (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Kurt Ellzey. Read the original post at: