Home page other news
Australian SMEs are increasingly falling victim to sophisticated attacks. The ACSC surveyed SMEs about their cyber security practices.
Small to medium enterprises (SMEs) are seen as easy targets for cyber criminals. Australian businesses are increasingly falling victim to sophisticated attacks, targeting what matters most to them: their money, data and reputation. The Australian Cyber Security Centre (ACSC) is aware of the risks faced by SMEs and researched SMEs and their cyber security practices.
Key findings from the survey
The survey collected 1763 responses from Australian SMEs and found that:
- 62% have experienced a cyber security incident.
- 80% rated cyber security as important or very important.
- 1 in 5 businesses did not know the term “phishing” (link to relevant article)
- Almost half of the respondents rated their cyber security understanding as average or below average.
- Nearly half of SMEs reported that they spent less than $500 a year on cyber security.
- 41% of medium-sized businesses outsource their IT security
What’s preventing SMEs from implementing good cyber security practices?
The survey also investigated the barriers that are preventing SMEs from implementing more robust practices. These included:
- Lack of dedicated IT staff, with security competing for time and resources
- Lack of planning and understanding of how to respond to cyber incidents
- Underestimating the risk and impact of a cyber incident
- Failure to identify weaknesses in cyber security practices
Is it time to outsource your cyber security? Outsourcing helps to alleviate responsibilities of an often non-core business function, leveraging the expertise of a Managed Service Provider (MSP).
To view the full ACSC survey and findings, click here.