Almost three quarters of British businesses are aware that their actions put their clients at risk of being a victim of cybercrime, yet they continue to readily send private and confidential information insecurely anyway, says an internet security and cybercrime product company. There is a large proportion of small and medium sized enterprises (SMEs) in the UK that are just as much to blame for subjecting themselves and their customers to cybercrime by not having sufficient processes, procedures and solutions in place to tackle this growing problem, according to StayPrivate.
UK business appears to believe that cybercriminals only target larger firms rather than SMEs and they also do not believe it to be an important enough issue, resulting in businesses not doing enough to help protect their customers. The study suggested that businesses are not using their emails conscientiously enough with over a quarter of respondents regularly sending messages to people they didn’t intend to, putting both their business and clients at risk of cybercrime. Findings include:
•Almost three quarters (73pc) of business owners, C-Suite and senior management are aware that using their clients’ personal email for sending and receiving personal and confidential information makes them cybercrime targets
•Almost half of businesses (46pc) say they are likely to be a victim of cybercrime
•One third (33pc) are worried that cybercrime is becoming more of a threat to their business
•Twice as many (43pc) are concerned that personal or confidential information they send to clients’ personal emails might be intercepted and used for the purposes of cybercrime than those who aren’t concerned (21pc)
•Over a quarter regularly send emails to someone they didn’t intend to
•More than one in ten do very little to protect their clients from cybercrime because they do not believe it is an important enough issue
•More than one in eight do very little to protect against cybercrime because they believe the chances are very small
•Over one in five (22pc) believe that cyber criminals only target bigger firms and not SMEs
•Almost one in five would not feel responsible if their clients’ information was intercepted by cybercriminals
•More than one in five confirm that either their business or customer emails have been compromised or hacked
•Only 48pc of companies have a policy not to send personal or confidential information to client’s personal (non-work) email accounts
•More directors and senior managers (51pc) than owners (33pc) say it is likely that their business will be a victim of cybercrime in the future
Rob Reid, founder and COO of StayPrivate, said: “In the past few years we have seen too many examples of how corporate reputations can be left in tatters if a firm is attacked by cybercriminals and our research shows that British SMEs are simply not doing enough to address the cyber threats posed to them and their customers. The business community needs to understand that email is not like traditional mail where a physical letter will only end up in the hands of the intended recipient, however with email once the message has been copied and sent, it has gone for good and becomes fair game to cybercriminals. It doesn’t take much for a cybercriminal to capitalise on the unsecure communication behaviour of SMEs, leading to either the business or their customers suffering from considerable financial loss. These risks can be easily mitigated by having the right policies and solutions in place. It is time for the business community to realise that the more private and confidential information they disseminate across the internet, the more opportunities it fuels for cybercrime and one of the best ways to address this is to make the internet and all communication channels as private as possible.”
About the research
Carried out by an independent research company in September 2016, 202 UK business owners, C-Suite and senior management were surveyed.
