Shocking Results from the Australian Cyber Security Centre Small Business Survey show that most SMB’s are woefully under resourced and under prepared

The Australian Cyber Security Centre ACSC conducts annual Cyber Security surveys of small business.

This captures a baseline understanding of cyber security practices and knowledge of, among Australian SMB’s

The Survey shows nearly half of SMBs spend less than $500 dollars annually on cyber security. This suggests that many SMBs take a DIY approach.

However, cyber security is a complex field with rapidly evolving technology and increasingly sophisticated cybercriminals pushing boundaries.

Further, the Survey sought to understand how much outsourcing buys peace of mind for SMBs, when in fact they may not be as protected as they believe.

Outsourcing is not a popular option for SMBs. In fact, 97 per cent of sole traders take matters into their own hands, while in contrast, 41 per cent of medium sized businesses choose to outsource as a support service.

This suggests a relationship between business size and the decision to outsource. The larger the business, the more likely they are to outsource a support service.

Key Findings

62% have been victims: 62 per cent of respondents have experienced a cyber security incident.

1 in 5 unaware of phishing 1 in 5 SMBs did not know the term “phishing”.

Low level of understanding Almost half of SMBs rated their cyber security understanding as ‘average’ or ‘below average’ and had poor cyber security practices.

$500 spent on cyber security Almost half of SMBs reported they spent less than $500 on cyber security per year.

Vulnerable cohort SMBs that outsourced IT security believe they are better protected than they really are.

Cyber security is important 80 per cent rated cyber security as ‘important to very important’.
Barriers to