Out of 434 of New Zealand's small and large businesses, only half (50%) feel confident that they would be able to cope if they experienced a significant cybersecurity breach, but many are failing to do much about it.
A new study from HP New Zealand says that 41% of surveyed businesses have conducted an IT assessment in the last year, leaving many businesses unaware about their security risks.
The survey suggests that a breach may be one of the few ways that businesses are forced to act – of those who experienced a breach in the last 12 year, only 29 have failed to do a risk assessment.
“The consequences of a data breach are severe; from financial to brand and reputation damage,” comments HP New Zealand managing director Grant Hopkins.
“Organisations need to be vigilant about implementing processes that regularly monitor, detect and report data breaches. Running regular risk assessments and managing your endpoint security is critical in keeping businesses data safe.
As more New Zealanders work remotely, HP highlights some of the risks that come with flexible working environments.
Of the surveyed businesses, 60% regularly allow remote access, however 42% have a relevant security policy in place.
Although businesses are worried by what HP calls ‘visual hacking', only a fifth of businesses have integrated privacy screens on desktops or laptops to protect this kind of breach.
Small businesses must be particularly concerned about breaches, as HP says one attack could put an SMB out of business entirely.
Antivirus products only protect malware running in an operating system, but there are many other risks such as those that can modify boot-time or runtime software.
“Security threats are evolving every day. Due to reduced effectiveness of firewall protection, every device on an organisation's network is at risk, and unfortunately printing and imaging devices are often overlooked and left exposed,” comments Hopkins.
The study points out that the humble printer is a risk that most businesses overlook – 30% of respondents don't have security features on their printers (this figure rises to 37% for SMB respondents), and only 35% include printers in an IT security assessment.
“With hackers able to bypass traditional network perimeter security and antivirus programs, it's time we scrutinise a hardware's security as closely, if not more, than our external security solutions,” Hopkins says.
HP states that businesses must secure devices, data and identities in order to preserve people's trust and confidence in businesses and technology.