In the recently published Symantec survey of 2,500 executives with responsibility for IT security – half from companies of less than 100 employees – cyber-attacks were ranked as their top business risk. And, of those polled by Symantec, 74 percent said they were “somewhat or extremely concerned” about losing sensitive electronic data. In fact, 42 percent lost confidential or proprietary information sometime in the past and 73 percent of the respondents were victims of cyber-attacks just this past year.
Addressing this challenge, SMBs are now spending an average of $51,000 a year, or about two-thirds of IT staff time, working on “information protection, including computer security, backup, recovery, and archiving, as well as disaster preparedness.” This seems like a sound investment given that the average cost of a breach to these SMBs was $188,242.
All of this fear seems to be somewhat well placed given that 95 percent of security and compliance professionals recently polled by nCircle believe that data breaches have been and will continue to increase in 2010. Knowing what to do in the event of a data breach is not necessarily intuitive.