IT Pro, October 8, 2008
According to preliminary research conducted by Anas Tawileh, a Cardiff University researcher, small-to-midsized businesses are trailing larger ones in terms of information security issues. The research, which was unveiled at the Information Security Solutions Europe conference earlier this month, found that 46 percent of respondents from large organizations have conducted a comprehensive impact assessment of the information they held in IT systems. Compare this statistic to that of midsized (31 percent) and small organizations (24 percent), you’ll recognize a notable difference.
“There may be less regulation for SMBs, but they need to think carefully about the threats to their businesses associated with disclosing a key customer’s confidential data, as well as their own,” Tawileh said. “They need to start taking a more holistic approach to their security that encompasses all aspects, including the social and human, as well as technical.”