2019 Zogby Cybersecurity Survey Main Takeaways

Posted by Jordan Weber on Tue, Nov, 05, 2019 @ 13:11 PM

Late last month the National Cyber Security Alliance (NCSA) released some fascinating results of a survey that explored how small business leaders think about and manage cybersecurity. Conducted by Zogby Analytics, the survey polled 1,006 small business decision makers. Here are the key takeaways and some tips for your own organization:


  1. “46% of small business decision makers believe themselves to be very likely targets for cyberattack.”

We’ve seen this number creep upward in a handful of surveys over the past few years. This trend seems to indicate that small businesses are thinking differently about cybersecurity and how best to achieve it.

Historically this number was substantially lower. The majority of small businesses have believed themselves to be unlikely targets of cybercrime due to their size. After all, wouldn’t cybercriminals rather invest their time trying to scam larger companies with deeper pockets? That might be true, except for the fact that so much malware today is automated and once written, ransomware and phishing emails cost virtually nothing to deploy en masse.

In contrast to the mere lip-service once paid to address the perils of malware, today’s companies are making more concrete investments in their own cybersecurity strategies with awareness as a top priority.


  1. “Concern about cyber security is especially strong among larger companies – cyber security is a high priority for 72% of businesses with 251-500 employees.”

As smaller companies reevaluate their cybersecurity strategies, large organizations are taking measures to improve the security of their networks as well, and for good reason.

Larger organizations are more vulnerable to insider threats. Those are cyberthreats that come from inside the organization. These threats range from accidental data breaches of personal data to outright theft of proprietary information. For further reading, BusinessNewsDaily has a great article explaining the problem and various ways to counteract insider cyberthreats


  1. “Requiring employees to report suspicious emails (54%), run current anti-virus software on all devices (54%), update systems and software when prompted by the software (47%) and use lengthy unique passwords for each account (45%) are the most common cybersecurity best practices employed by the surveyed businesses”

Certain cybersecurity practices are always a good idea. More often than not, a few good habits make all the difference between a secure business and a vulnerable one. Keeping your antivirus updated, maintaining good data backups, and installing systems updates will go a long way toward keeping your business IT network more secure.

Already have these installed? Excellent news! You’ve taken some of the most important steps toward securing your business-critical data and systems. Want to go further? Check out password managers, email filtering systems, and a formalized disaster recovery plan. Configured properly, these systems can be security and productivity game-changers!


  1. Almost a half (46%) of surveyed businesses feel very prepared to respond quickly and appropriately to limit impact of a data breach or cyber security incident, were they to happen today.

It seems a shame that less than half of businesses polled felt they were prepared to weather a major cybersecurity incident. One could attribute this to a number of different causes. Without question, installing and maintaining good backup and cybersecurity systems require a significant investment of time and resources and expertise. It also takes time to create a company culture which values cybersecurity as a daily practice.

While these hurdles may appear difficult, they are not insurmountable. Cloud backup technology, for example is both highly effective and more affordable than ever. For an expert opinion, seek out an IT support expert who can tailor a cybersecurity solution suited to your organization.

Topics: Ransomware, Data Backup and Disaster Recovery, Cybersecurity, Phishing, Malware