Over half of small companies aren’t taking any precautions against a possible Russian cyber attack

Time to read
1 minute
Read so far

Over half of small companies aren’t taking any precautions against a possible Russian cyber attack

Small businesses were least likely to take precautions against the Russian Cyber threat

New research from Databarracks has revealed that 58% of small companies (less than 50 employees) were not taking any precautions against a possible Russian cyber attack.

The findings are from Databarracks’ 2022 Data Health Check survey of 400 IT decision makers. This year’s survey focused on themes of Ransomware, Cyber, Backup, Disaster Recovery and Business Continuity.

Barnaby Mote, Managing Director of Databarracks, commented “The current risk of cyber attack is high. All organizations, regardless of size, should be taking extra precautions to protect their data.”

By comparison, only 19% of large organizations (500+ employees) surveyed said they weren’t taking any precautions.

“The most common mitigations, across all sizes of organization were: implement or update antivirus software (40%), implement or update user access controls (35%) and increased frequency of patching and updates (34%).”

Mote continued “Cyber attacks on larger organizations make headlines. This can give the impression that they’re not happening elsewhere, but smaller organizations also suffer an enormous volume of attacks.

“Smaller organizations don’t have dedicated cyber security teams like enterprises but that doesn't mean they are defenceless.

“The NCSC has issued official guidance on steps to take when cyber threat is heightened. The advice includes logging and monitoring, reviewing backups, reviewing incident plans, checking internet footprint and phishing response, among others.

“Focus on getting the basics of cyber security right; implementing Multi-Factor Authentication, making sure systems are kept up to date and making sure you have reliable off-site backups. Getting these things right makes a big difference in your overall resilience.

“Organizations should also consider the Cyber Essentials and Cyber Essentials PLUS Certification. Cyber Essentials helps organizations set solid, foundational cyber security controls, and it is especially suitable for smaller businesses. The Cyber Essentials PLUS Certification includes the additional benefit of having a qualified assessor carry out an audit of those controls to demonstrate your organization’s resilience.”

View the online report here: https://datahealthcheck.databarracks.com/2022/

Download the full report here: https://www.databarracks.com/resources/data-health-check-2022