SMEs are booming in the United States – half of all American workers are employed by small businesses, according to this infographic from staysafeonline.org. The Internet is vital for them: 87% of small organizations have one or more employees who use the Internet for daily operations, and more than half of them (55%) say that losing Internet access for 48 straight hours would be “disruptive to their business” – 38% say it would be “extremely disruptive”.
Easy attitude towards threats and lack of policies
Despite cyber attacks increasing in number (more than 63,000 in 2014 and nearly 80,000 in 2015, according to Verizon), SMEs seem blasé about such threats: 77% declare that their company is safe from external attacks (like hackers, viruses, and malware) and 60% are not concerned about any external or internal threats.
These nonchalant attitudes go together with a full confidence in their staff: They don’t have any written security policy for employees – either formal (87%) or informal (69%) – nor do they have policies about social media use at work (75%).
But how can they be 100% sure their staff won’t inadvertently cause harm? And how can staff know what is best practice?
Your staff are your weakest link
People, processes, and technology are the three building blocks of any cyber security strategy. You can exert control over processes and technology, but you only have limited power over human behavior. The only way you can mitigate this vulnerable part of your security strategy is to invest in staff education. The Information Security Staff Awareness E-Learning course is designed to assist employees in gaining a better understanding of information security risks, thereby reducing your organization’s exposure to security threats.
Make sure your company doesn’t close down because of your staff misbehaving. Call us on 1-877-317-3454 or email us for a tailored quote and to request a one-to-one demonstration.