''Medium and smaller businesses have lower access to expertise,'' says Bob Hansmann, a senior manager for Trend Micro, Inc., a security company based in Tokyo and with U.S. headquarters in Cuptertino, Calif. ''The greater access you have to expertise, the better prepared you are. Otherwise, there might be someone in the company who reads up on it and runs with the first solution they come across so they can move on to the next problem.''
The study, which was done by Trend Micro, shows that organizations lacking IT departments are clearly experiencing increasing problems with security threats -- from spam to spyware to phishing. For respondents from small- and medium-sized businesses that have IT support, 38 percent in the United States; 30 percent in Japan, and 44 percent in Germany said they had contacted IT about a security concern or breach within the past three months.
The findings spotlight the challenge smaller organizations face in scaling IT resources to provide technical advice, conduct system scans, clean machines manually, deploy patches and security policies, and educate staff in order to enable a secure working environment, according to Trend Micro analysts.
But Hansmann says there's another aspect to spyware and phishing that is making the threats harder to deal with.
''It's the newness of the problem,'' he explains. ''These are emerging threats. The old problems, like viruses and even spam, have been around for a while. But the new problems that are only about a year old... it contributes to the expertise problem. The problems are new. The solutions are new. They don't have experts in house.''