Although companies of all sizes require highly dependable computer networks and can benefit from the expertise of at least one in-house cybersecurity expert, small businesses still remain the most vulnerable. With more limited capital ready at hand, it can sometimes take them much longer than other companies to recover from serious cyber attacks.

The 2012 NCSA/Symantec National Small Business Study, an online safety survey of 1,015 small and mid-sized businesses, provides some useful insights into how critical flawless communications are too many companies. Unless you have endless capital on hand and an excellent relationship with all of your customers, having your computer system fail can be ruinous.

Here are some of the many reasons cybersecurity employees are needed to constantly troubleshoot problems for small and mid-sized businesses.

Small Businesses Rely Heavily on Internet Usage

  • Roughly 59% of small business employees rely on their Internet use for about 75 to 100% of their daily work;
  • About 68% of these employees rely on the Internet to help them with both customer communications and research;
  • A full 50% of small business employees rely on the Internet for communicating with vendors and business partners;
  • About 33% of these employees rely daily on the Internet for sales and customer relationship management;
  • Forty-five percent (45%) of those surveyed described themselves as “very dependent” on the Internet for day-to-day operations, followed by 26% who characterized themselves as “somewhat dependent;”
  • Usage increase. An impressive 48% of those surveyed said their daily Internet business usage has moderately increased during the past 12 months. Another 17% said they had become “much more dependent” on the Internet during the past business year;
  • Extreme disruption of business. More than one-third of those surveyed said that it would be very damaging for them to lose access to the Internet for 48 hours in a row. (Note: This percentage might have been even higher if more than 46% of those surveyed currently had websites for their businesses);
  • Data breaches. The majority of those surveyed believe that data breaches would only have a temporary impact on their businesses;
  • Sixty-nine percent (69%) of those responding who had a company website said they manage it in-house;
  • Small businesses are most afraid of malware or a virus affecting their Internet usage.

Fortunately, 62% of those surveyed believed their employees are aware of their formal Internet security policies and practices.  However, 87% of them had not yet created a formal written document explaining all of their mandatory policies and practices.

The greatest vulnerabilities of all of the companies surveyed surfaced when they were asked who currently handles their technology-related needs.

Current Oversight Reveals Need for Professional Cybersecurity Expert Assistance

  • Ninety-nine (99%) percent of the small businesses do not have an internal IT manager whose sole job is to stay focused on technology-related issues;
  • Two-thirds of the business owners themselves said they are in charge of overseeing cybersecurity for their companies– as opposed to fully trained IT professionals;
  • Seventy-five (75%) of the small businesses did not have established policies indicating how their employees should interact with social media at work – a serious oversight that could lead to majority security breaches;
  • Eighty-three percent (83%) of the surveyed companies had not created a written plan to help them maintain cybersecurity on a daily basis.

Conclusions
A large percentage of small businesses still need to establish clear standards for employee access to their business networks.  At present, about 1/3 of them allow employees access to all of their network information, while 56% have already carefully limited how much company network data can be accessed by the average employee.

Clearly, most of the surveyed small businesses could greatly benefit from routine cybersecurity training updates for their employees, at least one or more in-house cybersecurity experts and written manuals for employees that clearly outline each employee’s personal duties and responsibilities regarding the protection of all company data and proper, safe usage of the Internet.

Elizabeth Smith, J.D., M.A., is a freelance writer who has successfully written about general health, safety, legal, medical, consumer and business topics for over twenty years. She has also served as the author and co-author of two professional legal texts.