When I used to fly in the service, one of the safety concerns was ‘complacency’.  Complacency was letting down your guard because of a feeling of safety based on numerous previous flights where nothing bad had happened.  System X never failed, system Y hadn’t failed, system Z had failed a little bit, but there was a backup, etc.  Per a recent McAfee and Office Depot survey, small to medium sized businesses (SMB’s) are suffering from a similar thing.

From a study of over 1000 participants, a majority (66%) felt confident  that their devices and data were safe from hackers.  Further, 77% felt they had never been hacked. This feeling of security is inconsistent with the evidence of SMB’s increasingly being targets of cyber attacks.  According to a statement by Congressman Chris Collins, part of the reason for this complacency is that attacks on small and medium sized businesses typically don’t make the news.  However there are a lot of them, hence the long tail.  According to McAfee, another reason for the increasing malicious activity on SMB’s is that larger businesses have had some success in hardening their enterprises to cyberattack and that has shifted the effort-invested and payoff balance for cyber criminals.

The study also found that 45% of the SMB’s responding did not secure data on employee’s personal devices and 14% hadn’t implemented any security measures at all.