Skip to main content

How does company size dictate information security posture? A NeweggBusiness customer survey reveals differences in how companies large and small approach cybersecurity. Some findings fell in line with expectations; others defied the conventional understanding of how security professionals operate in businesses of scale.

Small businesses may no longer assume a “security by obscurity” stance. The past several years have witnessed a sharp uptick in cyberattacks against SMBs. The simple reasoning is that criminals discovered many small companies are easy targets, often lacking resources and know-how for protecting valuable business data.

This has led security-minded small companies to adopt information security postures similar to those found in the enterprise space. At a recent keynote, Department of Commerce’s National Institute of Standards and Technology director Willie E. May explained, “We see companies like Intel, Chevron, Walgreens, Pepco, Apple, QVC, and the Bank of America talking about how they are using the Framework [for Improving Critical Infrastructure Cybersecurity] or planning to incorporate it. But we also see 50-person firms, like Silver Star Communications in rural Wyoming, describing how the Framework has helped them to be more thoughtful and wiser managers of their cyber risks.”

More than anything else, user behavior indicates the effectiveness of information security policies for a business of any size. NeweggBusiness findings show SMBs are taking stronger security postures than their larger counterparts in regard to certain behaviors such as sharing logon information.

It is undeniable that small companies have a resource disadvantage for creating and enforcing a strong information security posture.  However, a smaller-sized company tends be more agile with its IT infrastructure. This manifests in smaller companies having a better likelihood of deploying software patches in a timely manner; by the same token, large companies check network logs more often and are more likely to run risk assessments.

Information Security Large Small Company

Share this infographic on your website

<a href=""><img src='//' alt='infromation security large small company' width='700' border='0' /></a>

[Infographic] Comparing Information Security in Large and Small Companiesdesign by Dana Choi

Adam Lovinus

Author Adam Lovinus

A tech writer and Raspberry Pi enthusiast from Orange County, California.

More posts by Adam Lovinus

What's your take?