A new report released by Damballa this week revealed that the average enterprise will have 18.5% of machines infected with malware, with the figure unchanged across larger and smaller organisations.
While the report focussed on enterprise sized businesses it is safe to say malware has no concept of business size, it merely seeks out vulnerabilities and exploits them, meaning any organisation that stores data is a potential target. This means that anyone from a small local run business to a large multi-national corporation is exposed to the same threat level with their risk level depending on how robust their cyber-security defences are.
A common trap to fall into, particularly for smaller businesses, is that they believe that they have nothing worth having for cyber-criminals to target and don’t need to worry about cyber-security. Equally some organisations hold the misconception that by purchasing and implementing a security product, then their business is inoculated against internet-borne threats.
This latest report, however, highlights that business of all sizes need to be aware that security is an ongoing process and that threat avoidance goes far beyond just having products in place. This includes ensuring that staff are made aware of best practice and receive training on common threats such as social engineering and phishing attacks.