- Security TWENTY
- Women in Security
Small and medium sized companies are putting a third (32 per cent) of their revenue at risk because they are falling for some of the common misconceptions around cyber security, leaving them vulnerable to losing valuable data and suffering both financial and reputational damage. That is according to research by the government’s Cyber Streetwise campaign. It suggests that two thirds (66 per cent) of SMEs don’t consider their business to be vulnerable, and just 16 per cent say that improving their cyber security is a top priority for 2015.
When asked if they agreed with some of the most common misconceptions around keeping their business secure online, over three quarters (78 per cent) of small businesses believed at least one. These included the following myths:
• Only companies that take payments online are at risk of cyber crime (26 per cent) – All SMEs are at risk and whilst hacking of payment processing software is an obvious tactic, criminals are highly opportunistic and can benefit from stealing a wide range of data from businesses
• Small companies aren’t a target for hackers (22 per cent) – Small businesses are in fact a bigger target than ever because they typically hold far more data than the average consumer, but often don’t have any additional preventative measures in place to protect themselves. Last year 33 per cent of small businesses suffered a cyber attack from someone outside their business
This apparent lack of understanding around cyber threats is leaving many small firms vulnerable to losing valuable data and then suffering the knock-on effects, including losing customers and a damaged reputation, according to the Government. The official Information Security Breaches Survey has found that the average cost of the worst security breach is between £65,000 and £115,00 and can result in a business being put out of action for up to ten days.
A quarter (24 per cent) of small businesses think that cyber security is too expensive to implement and 22 per cent admit that they ‘don’t know where to start’.
Minister for Culture and the Digital Economy, Ed Vaizey said: “Small and medium-sized firms are a key part of our long-term economic plan to back business, create jobs and secure a brighter future for Britain, and many are reaping the rewards from going digital and operating online. However this new research shows businesses can do more to understand and respond to cyber threats. There are some simple steps firms can take to protect themselves, their cash flow and their data. The government is providing a range of cyber security guidance and support and I encourage all small and medium-sized firms to take these simple steps and fully benefit from our growing digital economy. Companies can also take advantage of free online training coursesfor staff, Cyber Essentials and a simple cyber security guidefor small and medium-sized firms. Cyber Essentials is a new government-backed and industry supported scheme designed to help businesses protect themselves against the most common cyber threats. Gaining accreditation enables businesses to display the Cyber Essentials badge and demonstrate to their customers they take their cyber security seriously.”
James Lyne, Global Head of Security Research at IT security product firm Sophos and supporter of the Cyber Streetwise campaign, said: “SMEs are the UK’s engine of growth, but because cyber criminals know this, they are continuously looking at ways to exploit them. Small businesses hold a wealth of data but many don’t realise quite how valuable this data is and how severe the consequences could be if it fell into the wrong hands. For example, a business’s intellectual property could be sold to a competitor and even email addresses can be sold to spammers for a profit.”
John Allan, National Chairman of the Federation of Small Businesses (FSB), added: “Cyber crime is a major business resilience issue. Business owners and managers need to see and understand this threat clearly and take the steps necessary to protect themselves. We know from our own research that in the future small businesses expect to become much more dependent on web based tools. We also know that, as firms’ reliance on tools like cloud computing increases, they also become more aware of the threats these services can pose. For example, nearly a third of businesses we questioned (61 per cent) were worried about the threat of data theft or loss. We need to give these businesses the knowledge and tools they require to prevent this from happening, and so help the continued take-up of these productivity-enhancing technologies.”
The research showed that businesses in London felt most at risk with 41 per cent saying they considered their company to be vulnerable to an attack; those in Wales felt the safest with just 16 per cent reporting that they felt vulnerable. Visit – www.cyberstreetwise.com.