SMBs count cost of cut in security

Small to medium-sized businesses (SMBs) in the UAE are scrimping on their IT security expenditure — and are suffering the consequences as a result, a security firm has warned.

  • E-Mail
By  Dylan Bowman Published  December 17, 2006

Small to medium-sized businesses (SMBs) in the UAE are scrimping on their IT security expenditure — and are suffering the consequences as a result, a security firm has warned. According to a survey by Dubai-based security services firm eHosting Datafort (EHDF), the UAE’s SMB firms spend on average less US$1,000 annually on IT security, with half spending less than US$750 a year. However, nearly two-thirds of firms admitted that they had suffered at least one serious security incident, leading to either a systems crash or corruption of data. “These results are of great concern for business sustainability for the various companies that took part — if they are vulnerable and they spend so little on such an environment— it could interrupt their business and their clients’ business,” said EHDF’s CEO, Saeed Al Barwani. “They could be hacked into, their databases could be hijacked, their systems could be crashed, their information could be stolen and their clients would most definitely be inconvenienced,” he warned. The firm surveyed 150 UAE companies over a two-month period and found that over 60% of them had suffered at least one security incident that led either to a PC crash or corruption of data. Of those surveyed, 50% spend less than US$750 a year on network security solutions, although, more promisingly, 70% of respondents did report that they were in the process of implementing such technology or were planning to do so in the next 12 months. Outsourcing of IT services was increasingly being adopted by SMBs in the region to better secure their networks, according to the survey, with over 60% of the respondents reporting that they had or were in the process of outsourcing one or more IT services. Around 40% of respondents said they were outsourcing IT support and web hosting. The primary driver for this, according to EHDF, was lack of internal resources and the cost effectiveness of external services. Justin Doo, managing director of Trend Micro’s regional operation, said he believed SMBs in the region lack awareness of the online security threats they face — and often don’t put securing their IT networks high enough on their list of priorities. “The biggest challenge for most of the smaller businesses and small and mid-size business is they don’t know that they need a security solution,” Doo claimed. “Half the challenge is getting the message to the company owner of a five PC network that he needs to secure it.” Anthony O’Mara, vice president of sales and operations, Trend Micro Europe, Middle East and Africa (EMEA), added that SMBs faced the same security threats as larger organisations, but were more at risk as they were less able to recover from incidents. “They haven’t got the IT infrastructure to be able to do a recovery as quickly as the larger companies,” O’Mara warned. “So they need to make sure that nothing could come in which would damage their company,” he added. While EHDF’s report was critical of smaller firms’ security preparations, the security company said earlier this year that it saw promising signs that larger companies in the region were taking security more seriously. EHDF told IT Weekly earlier this year that a number of firms in the region are adopting the ISO 27001 international security standard, including Dubai Aluminium Company (Dubal), Saudi Binladin Group in Saudi Arabia and Mobile Telecommunications Company (MTC) Vodafone in Bahrain — with the Dubai Ruler’s Court due to follow (see IT Weekly 14- 20 October 2006).

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code