Are Small Businesses More Concerned About Cybersecurity Since COVID-19?: Cybersecurity Trends

Based on a new survey, less than one-third of small businesses with fewer than ten employees appear to be more concerned about cybersecurity since the pandemic began, despite the fact that most have moved to a remote workforce.

According to a new survey of 400 small business owners, conducted by the Cyber Readiness Institute (CRI), 89 percent of small businesses have moved to a remote workforce during COVID-19 stay-at-home orders.  But, only 31 percent of small businesses with fewer than ten employees were more apprehensive of possible cyber attacks and only 45 percent of them have increased time, money or human capital investments as it relates to cybersecurity.  For small businesses with more than ten employees, the percentages were 41 percent and 80 percent respectively.

“For malicious actors looking for vulnerable targets, small businesses remain a primary target, particularly during the Covid-19 pandemic,” said Kiersten Todt, executive director of The Cyber Readiness Institute. “Small businesses can make themselves resilient against common attacks, such as phishing, by focusing on employee education and awareness and creating a culture of cyber readiness within the organization.”

Additional survey findings included:

  • 49 percent of small businesses will still maintain at least a partial remote workforce after COVID-19 restrictions are lifted;
  • 62 percent of small business owners support tax incentives or federal grants for cybersecurity investments;
  • 35 percent of small businesses with fewer than ten employees do not have an incident response policy;
  • More than 42 percent of businesses have provided additional password training or policies over the past two months;
  • 30 percent of small businesses have used new free cybersecurity tools since work-at-home orders began; and
  • 25 percent of small business owners anticipate hiring new cybersecurity staff or consultants over the next six months.

Looks like small businesses are definitely not taking cybersecurity concerns more seriously, despite the additional vulnerability associated with a remote work force.  Then again, small businesses have so much to worry about (like survival), that cybersecurity is evidently well down the list of concerns.  Unfortunately.

So, what do you think?  Is your organization doing more to address cybersecurity concerns because of the remote work associated with the pandemic?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

One comment

  1. Feels irresponsible to have cybersecurity lower on the list of concerns. It should be toward the top because active cybersecurity measures safeguard clients’ sensitive data. I think this news is concerning.

Leave a Reply