Most business owners would never dream of leaving the doors to their businesses flung wide open after hours. On the contrary, the physical – and sometimes stringent – security measures that are in place to protect their business properties are usually quite evident. 
Many have “round-the-clock” security guards that are posted at the entrance or in the lobby. Some even go as far as having burglar bars in front of the windows and CCTV cameras that pan the perimeter of the premises. And most business owners definitely take care to securely lock their doors after leaving for the day.
Yet many of those same business owners – especially those at the helm of small to medium-sized businesses (SMBs) – are shockingly lax and willing to compromise when it comes to another, equally important aspect of protecting their company’s assets: IT security.
In general, the amount of money a company invests in its IT security appears to correlate with its size. Companies with 51 – 100 employees tend to be more concerned with their virtual security than those businesses with 10 or less employees.
Since they have less manpower and limited budgets, they seem to think that this is an area where they can afford to get away with spending less – or sometimes, not any – money.
Hackers and cybercriminals have clued into this, which is why data breaches among smaller organisations worldwide have escalated dramatically. They have, quite simply, become easy targets.
Last year, American-based Verizon Communication’s forensics unit conducted an analysis among companies. The study was carried out in conjunction with the US Secret Service and several other international agencies.
It found that 72% of the 855 global data breaches they had analysed happened at companies with fewer than 100 employees; up from 63% of the 761 data breaches it had analysed the year before. The Verizon report also found that 96% of the attacks that had been studied were not difficult to execute and 97% would have been completely avoidable “without difficult or expensive countermeasures”.
Just as the hackers have caught on that SMBs are easy prey, SMB owners seem to have realised that prevention is not only better than cure, but more cost effective too. They are now finally grasping that it would actually cost them more to recover from a data security breach than it would to invest in adequate IT security in the first place.
A recently released International Data Corporation (IDC) research report states that SMBs are now spending more than ever on security technology.
The research firm found that the rate that SMBs are investing on taking IT security measures is increasing at a pace that almost doubles the anticipated 5% to 6% annual growth of their overall IT budgets. IDC predicts that SMBs will spend $5,6-billion on security alone in 2015.
This change of heart has been driven by the uptake of mobile technology and the trend among employees to BYOD (bring your own device). SMBs are realising that their employees using their own smartphones and tablets for work as well as for personal reasons might put their company’s data at risk, since mobile devices run just as great a risk as desktops and laptops of being hacked.