Skip to main content

Survey: Small Infrastructure Businesses Have Big Cybersecurity Issues

USTelecom Cybersecurity survey

A new USTelecom study of the cybersecurity-readiness of small and medium-sized businesses operating critical infrastructure and found them generally wanting at a risk to national security.

USTelecom’s 2021 Cybersecurity Survey: Critical Infrastructure Small and Medium-Sized Businesses (SMBs) looked at communications networks as well as energy, financial and water, and found small businesses involved in all those were particularly vulnerable to breaches and can take longer to identify and recover from them (on average seven-and-a-half-months to fully recover).

Also Read: COVID-19 Related Pirate Streaming Is Big Malware Threat

Fully three quarters of those businesses surveyed said they had experienced a cyber breach while a majority (59%) said that their breach(es) had "stopped" productivity.

"Don’t be fooled – these companies may be small or have fewer employees than their counterparts – but they play a big role in operating and safeguarding our country’s critical infrastructure, including energy, financial, water and communications assets," said USTelecom SVP Robert Mayer in announcing the study.

The survey found that the cost, on average, to resolve a breach was $170,000, while 46% said they also lost customers because of breaches.

Also Read: IoT Cybersecurity into Law

USTelecom offered up some recommendations for mitigating cybersecurity risks: 1) conduct regular training; 2) revisit and update policies and procedures; 3) update system configurations; 4) conduct annual risk assessments; 5) conduct post-breach assessments; 6) evaluate in-house capabilities annually; 7) have cybersecurity insurance; 8) share information formally and informally; 9) conduct regular briefings; 10) dedicate at least 10%-25% of IT budgets to cybersecurity.

USTelecom conducted 14 in-depth online surveys with SMB CEOs and C-level executives. Usable responses were obtained from 323 respondents.