Cyber-criminals don’t just target big enterprise – with attacks on SMEs increasing, small business owners are starting to understand the value of IT security.
In 2015, cyber-attacks on some of Britain’s largest companies resulted in the theft of sensitive customer data and the loss of tens of millions of pounds. The media attention paid to breaches at companies like JD Wetherspoon, Lloyds Bank and TalkTalk is understandable, but also contributes to a perception that cyber-security is something only big business has to worry about. Unfortunately, this perception is exposing SMEs to danger.
Target: small business
Research shows that cyber-criminals are turning their attentions towards small businesses, capitalising on naivety and a lack of cyber-defences.
Last year, 74 per cent of SMEs suffered a security breach. The average cost of attacks ranged from £75,200 to £311,000 – almost triple that of 12 months earlier. Around 60 per cent of small businesses close within six months of a cyber-attack.
While enterprise organisations suffer publicly after a breach, they are also in a position to recover swiftly from any damage or loss of revenue. Cyber-attacks on SMEs hit much harder – small businesses don’t have the time or resources to recover quickly – and, while operations are reeling, the loss in customer confidence may deliver a knockout blow.
Fortunately, it looks like the UK’s SME community is waking up to the threat – and taking action. The reality is cyber-defences are affordable, effective and necessary for small businesses – the difficulty lies in encouraging a stronger culture of protection in the workplace. Millions of owners and managers are already fighting back: building IT security strategies, exchanging ideas and educating employees in how to identify and avoid threats.
The growth of the cyber-security industry reflects this desire. In the UK, the IT security industry is now worth over £17.6 billion, employs over 40,000 people and is continuing to expand. As the threat landscape evolves, so too does the need for new strategies and skilled personnel to deal with the challenges it presents.
The UK government too is recognising the advantages of robust IT security and, in 2015, launched the £1 million Cyber Security Innovation Vouchers Scheme, offering small businesses up to £5000 for hardware, software and advice for building IT security into their infrastructure. The government is also encouraging a closer relationship between academia and the security industry, launching schemes to connect innovative thinkers from both sectors, and encouraging young people to think about professional careers in cyber-security.
The size of a business no longer matters to cyber-criminals – it’s the value of the data held in your network that attracts risk. Your safety and security depends on your ability to tackle emerging threats creatively: don’t push security into the shadows – hold meetings about it, anticipate threats, brainstorm ideas.
Doing that now will help secure the future of your organisation for years to come.
• Steve Ross is managing director of Shackleton Technologies