Preliminary research findings unveiled at ISSE 2008 show the extent to which smaller firms are lagging behind their larger counterparts in term of information security
IT Pro, October 8, 2008
According to preliminary research conducted by Anas Tawileh, a Cardiff University researcher, small-to-midsized businesses are trailing larger ones in terms of information security issues. The research, which was unveiled at the Information Security Solutions Europe conference earlier this month, found that 46 percent of respondents from large organizations have conducted a comprehensive impact assessment of the information they held in IT systems. Compare this statistic to that of midsized (31 percent) and small organizations (24 percent), you’ll recognize a notable difference.
“There may be less regulation for SMBs, but they need to think carefully about the threats to their businesses associated with disclosing a key customer’s confidential data, as well as their own,” Tawileh said. “They need to start taking a more holistic approach to their security that encompasses all aspects, including the social and human, as well as technical.”
Whatever the reason small and medium-sized businesses are having a hard keeping up with bigger organizations, it’s important that they recognize their vulnerabilities and properly tend to those weaknesses before it’s too late. Information security is something that can be controlled and regulated, so why not take hold of the reigns now and catch up to the competition? After all, planning ahead will only help you in the long run.