ESG recently completed a research survey of 400 cybersecurity and IT professionals working at small organizations (i.e. 50 to 499 employees) in North America. As you can imagine, these firms tend to have a small staff responsible for cybersecurity and IT, reporting to business management rather than CIOs or CISOs.
How are these firms doing with cybersecurity? Not so good.
Two-thirds of the organizations surveyed experienced at least one cybersecurity incident (i.e. system compromise, malware incident, DDoS, targeted phishing attack, data breach, etc.) over the past two years.