Infotech Express icon

Improve Information Security Practices in the Small Enterprise

Create a realistic security plan that manages the threats of today and tomorrow.


This content requires an active subscription.

Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.

Speak With A Representative Sign In
or Call: 1-888-670-8889 (US) or 1-844-618-3192 (CAN)

View Storyboard

Solution Set Storyboard thumbnail

Want to Participate in Our Research?

  • Analyst Interviews: Share your best practices, opinions, tools or templates with your peers.
  • Upcoming Workshops: Accelerate your project with an onsite, expert analyst to facilitate a workshop for you. Contact us for more details.
Become a Participant

Your Challenge

  • Small enterprises are common targets of cyber-attacks due to their size and security practices.
  • Security is not commonly viewed on a strategic level and is generally centered around technical protection measures.
  • Firefighting IT practices cause security planning and capabilities to not address critical vulnerabilities and threats to the organization's information.
  • It is difficult to keep protection measures up to date and adequate against external threats that are increasing in volume, intelligence, and complexity. 

Our Advice

Critical Insight

An overwhelming amount of small businesses believe that they do not need security because they have nothing worth stealing. This could not be farther from the truth. In fact, over 90% of data breaches impact small businesses. 

Impact and Result

  • Support IT in better protecting the organization’s information.
  • Improve the organization’s awareness, communication, and plans for information security.
  • Enable IT leaders to build an information security strategy that balances business needs with the risks from the external threat landscape. 

Research & Tools

Executive Overview

Find out why you should develop an information security strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project. 

1. Assess security requirements

Understand what information needs to protected and to what degree.

2. Determine current and target states

Assess current security capabilities and create a vision for your future security program.

3. Develop improvement plans

Construct initiatives that will bridge the gap between current practices and your target capability goals.

4. Create and communicate the roadmap

Finalize your security program strategy and roadmap and determine how you are going to communicate and execute on your plans.

Talk to an Analyst

Our analyst calls are focused on helping our members use the research we produce, and our experts will guide you to successful project completion.

Book an Analyst Call on this topic.

You can start as early as tomorrow morning. Our analysts will explain the process in your first call.

Get advice from a subject matter expert.

Each call will focus on explaining the material and helping you to plan your project, interpret and analyze the results of each project step, and setting the direction for your next project step.

Search Code: 80007
Published: March 3, 2016
Last Revised: March 3, 2016