SMBs conduct security training, but they aren't prepared for a real-life cyberattack

As cybersecurity threats and concerns increase, many SMBs are preparing employees to deal with it.

A Tuesday Webroot report found that companies in the United States, United Kingdom, and Australia are amping up their cybersecurity readiness, with nearly 100% of respondents saying their businesses have conducted some form of employee cybersecurity training.

Despite this statistic, the study found that 79% of respondents were not ready to manage their IT security and protect against threats. Only half or a third of respondents implemented “continuous” cybersecurity training, something necessary for effectiveness, according to the report.

SEE: Cybersecurity in 2018: A roundup of predictions (Tech Pro Research)

Startlingly, the number of respondents who said they felt very confident about cybersecurity fell from 48% in 2017 to 21% in 2018.

The study found that many companies’ security concerns are shifting in 2018. Phishing took the no. 1 slot, replacing malware. Malware dropped to no. 6. Respondents from the United States reported that their businesses would be most susceptible to phishing at 56%.

Respondents in the UK reported that their companies were most susceptible to ransomware attacks at 44%. Australian respondents ranked themselves as most susceptible to DNS attacks at 52%.

Five years after the Edward Snowden news broke and companies began worrying about insider threats, only 25% reported their business to be susceptible to such threats. In Australia however, 32% of respondents reported their companies would be at risk.

To better defend against cyberattacks, Webroot offered tips in a press release. The release stated that businesses should be concerned with employee cybersecurity education and be aware of their businesses’ risk profiles and prepare for the worst.

The big takeaways for tech leaders:

SMBs should focus on continuous employee cybersecurity education to more effectively prepare against real-world cyberattacks.
The number of business leaders who said they felt very confident about cybersecurity fell from 48% in 2017 to 21% in 2018.

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

Payroll

The Best Human Resources Payroll Software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

A computer running Windows 11. — Image: Microsoft.

Software

Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

A software engineer works from home. — Image: tanatat/Adobe Stock

CXO

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Project management process to manage and develop with resources to deliver quality product, agile development cycle, businessman project manager balance on clock juggling project management elements. — Image: Nuthawut/Adobe Stock

Software

The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

A user typing a password. — Image: Song_about_summer/Adobe Stock

Security

1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

PURPOSE This policy describes the organization’s employee privacy guidelines and outlines employee privacy expectations. From the policy: POLICY DETAILS The organization’s IT equipment, services and systems are intended for business use only. However, the organization acknowledges that staff, consultants and volunteers occasionally require opportunities to make or receive personal phone calls, access personal email, utilize ...

PURPOSE The purpose of this Security Response Policy from TechRepublic Premium is to outline the security incident response processes which must be followed. This policy will assist to identify and resolve information security incidents quickly and effectively, thus minimizing their business impact and reducing the risk of similar incidents recurring. It includes requirements for both ...

PURPOSE This policy from TechRepublic Premium provides guidelines for reliable and secure backups of end user data. It outlines the responsibilities of IT departments and employees to identify tasks and action items for each group. The policy can be customized to fit the needs of your organization. From the policy: IT STAFF RESPONSIBILITIES IT staff ...

SMBs conduct security training, but they aren’t prepared for a real-life cyberattack