Study shows deficits in IT security at SMEs arising from lack of resources
According to a joint international study by IDC, MessageLabs and McAfee, security awareness in SMEs has improved, however only a few would do more to improve IT security. 80 per cent of the 450 IT decision makers questioned fear an attack on IT security. However, other issues are given priority in order to keep normal business operations running. Because of limited resources few preventive measures are put in place, even though security is strongly linked to business success.
According to the study, measures taken are mostly reactive, relating to maintenance of existing solutions, such as updating existing security solutions and obtaining information on new hazards. Only 18 per cent (in Germany 21 per cent) of those asked stated that their company had already fallen victim to a security attack, which, according to IDC, contradicts other studies. This may be related to the fact that many of the ever more sophisticated attacks go unnoticed by SMEs. According to the German Federal Office for the Protection of the constitution, SMEs are particularly at risk from attacks originating from China.
In its study, IDC comes to the conclusion that Managed Security Services represent an effective solution for SMEs for achieving a high level of protection despite tight resources. This is one of the market research company's top ten predictions for the IT security market in 2007. IDC is not alone in this estimation - back in October 2006 telecommunications company BT bought security company Counterpane Internet Security, founded by Bruce Schneier, in order to expand its range of Managed Security Services and offer customers better protection from attacks originating from the internet.