July 28, 2005--Small businesses are increasingly vulnerable to information security threats due to a passive, complacent attitude toward security risks, according to a survey conducted by the Small Business Technology Institute (SBTI) of over 1000 small businesses with fewer than 100 employees.

Although the amount of viruses and spyware is increasing, the main cause of the growing vulnerability is that small businesses are adopting more sophisticated technology, which makes them more susceptible to threats. "40% of one-person businesses operate on a network," said Patrick Cook, SBTI chief technology strategist and a co-author of the survey. "Networks and mobile devices make security risks escalate. The problem is that small business owners are aware of security issues, but they don't think the issues apply to them."

The complacent attitude small business owners have toward information security was reflected in the survey's results. Although 56% of small businesses said they had experienced at least one information security incident within the last year, fewer than 30% increased information security spending during the same time frame.

The vulnerability of small businesses to security threats, which decrease productivity by causing temporary inconveniences that require time and resources to be fixed, could have considerable negative repercussions. The survey said that because small businesses support over half of the nation's GDP, their increasing vulnerability "represents an extremely high and worsening point of exposure for the U.S economy as a whole."