According to shocking results of a poll reported by info security firm Avast, more than half of small firms do not believe they are at risk of cybercrime, with many having no preventative measures in place.

Three out of ten of the 1,250 SMEs questioned by Digital indicated they had no cybersecurity, with nearly 60% feeling like they are “too small” to be targeted by threat actors — a belief disproved by the DeadBolt ransomware group’s recent resurrection.

Avast thinks that SMEs — defined as companies with fewer than 500 employees by Digital – must abandon the assumption that internet criminals would not target them.

As we have stated countless times in previous blogs, this is simply not true. Everyone has some customer and other business-critical data that could be useful to a bad actor on the dark web. It may only include client emails, or it could be credit card or social security numbers.

Web servers, online bill-paying systems, and instant messaging are examples of SME facilities that could be targeted.

All of these might be penetrated by a determined opponent, which could mean disaster, added Avast, who said that the flagrant lack of concern extended to both digital and traditional “in-person” firms.

Only around a third of small businesses performed regular data backups or used secure networks, with roughly a quarter claiming that cybersecurity measures were “too expensive.” Around one-fifth of those polled thought cybercrime reports were “overblown.”