SMBs are still making the same silly cybersecurity mistakes

A close-up image of a keyboard, with a key marked "Password".
(Image credit: Getty Images)

Despite cyberattacks growing in volume and destructive power with each passing day, most small and medium-sized businesses (SMB) are still making the same cybersecurity mistakes as always, experts have warned.

Surveying more than 600 employees and managers for its “Future of secure work for people + organizations” report, Dashlane found just 38% increased their usage of password managers, 37% increased cybersecurity training, and 36% adopted new security policies

Furthermore, less than a quarter (24%) said they only started using a password manager now.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Poor usage of password managers and security training are not the only mistakes SMBs are making - there are also discrepancies between workers and management on their cybersecurity posture. 

While two-thirds of leaders (65%) say their business’ use of existing password managers has increased, only a quarter (25%) of employees think the same. It’s no different with adopting new security policies, either. While 31% of leaders said that was the case 43% of employees confirmed it. 

Password managers still a major change

Also, while 23% of leaders spotted an increase in cybersecurity training, 40% of employees noticed the same thing. And finally, while 32% of leaders said their organizations just started using a password manager on their endpoints now, 20% of workers agreed. 

Still, the increased use of password managers was the biggest change SMBs made, since transitioning to a remote working environment, with 38% of both employees, and leaders, spotting the trend. 

“Our research shows awareness of cybersecurity threats among leaders has increased substantially, but organizations need help and education to make the right decisions when it comes to security. We're seeing awareness increase in a world that has employees going remote, but this awareness isn't really being put into action,” said JD Sherman, CEO of Dashlane. 

“In the case of SMBs, there is no full-time, dedicated IT person, let alone a security team — in these instances, a password manager checks the boxes on reliability and affordability, and offers a great first line of defense.”

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.