Download PDF version Contact company

Almost half of UK businesses have a basic cyber security gap that is leaving them exposed. This stark reality was revealed in a report from the Department for Digital, Culture, Media, and Sport (DCMS).

It found that the people responsible for cyber security in 48% of UK businesses lack the confidence to carry out basic tasks and are not receiving support from external cyber security providers. So, if users are in-house person isn’t confident in doing basic security tasks and they are not seeking support, just who is checking that their business systems are secure, and their data hasn’t been compromised?

Phishing scams

Many SMEs are unprepared for the cybersecurity threats lurking online, believing they are too small to be a target. The reality is that almost half of UK businesses suffered a cyber security breach or attack in 2019/2020. Most cybercriminals are looking for a quick payday.

If an attack has worked well, they will keep repeating it. That is why phishing scams, where attackers send fraudulent messages to trick a person into revealing sensitive data, remain the most common type of attack that organisations face, with 90% of all data breaches involving phishing.

Size does matter 

Cybercriminals want a swift financial return on their activities and purposely go after soft targets

SMEs need to understand that cybercrime is an organised and profitable business, albeit an illegal and morally bankrupt one. Cybercriminals want a swift financial return on their activities and purposely go after soft targets.

SMEs are seen as easy victims because they are less likely to have sufficient security in place to protect their systems and data. Hackers are after the information SMEs store on their customers and suppliers, such as credit card numbers, bank account details, etc. They will either use this themselves or sell it on the dark web to the highest bidder.

Credit card and identity fraud

Credit card, identity, and cyber fraud cost the UK up to £190bn a year. According to the UK think tank the Royal United Services Institute (RUSI), fraud has reached epidemic levels and should be seen as a national security issue.

While the profits keep rolling in, cybercriminals will continue their attacks and the sooner SMEs understand this, the sooner they can get serious about security and start protecting themselves more effectively.

Skills gap

The most common cyber security skills gaps identified in the report are:

  • Configuring firewalls.
  • Performing patching.
  • Storing or transferring personal data.
  • Detecting and removing malware.

Build secure foundations with Cyber Essentials

CE scheme which was designed to help protect UK organisations from the most common cyber threats

Cyber security tasks are laid out in the government-endorsed Cyber Essentials (CE) scheme which was designed to help protect UK organisations from the most common cyber threats. These fundamental tasks are the foundation of good security.

The scheme sets out basic technical controls for organisations to use. It also lays the foundation for developing policies and procedures to mitigate threats that can impact business operations. The benefit of being CE compliant is that it mitigates 80% of the risks businesses face, such as phishing, malware infections, social engineering attacks, and hacking.

Impact of cyber attacks and breaches

Taking the first steps in tackling cyber security can be daunting but the ramifications of not doing so can be devastating to the business. Cyber-attacks and data breaches are often financially crippling for SMEs to resolve.

In addition to remediation costs, there is also the loss of customers, suppliers, and business reputation, plus fines for breaching GDPR data protection rules.

Where to start?

No company can afford to be naïve about cybercrime and the importance of protecting data, the fallout is too great

A good place to start is by using an online policy management system designed for cyber security which will take users step by step through all the important security workflows.

It will guide users through the activities to take, highlight the business areas to focus on, and embed GDPR and Cyber Essentials principles so they can achieve certification. No company can afford to be naïve about cybercrime and the importance of protecting data, the fallout is too great.

Cyber security policy manager solution

A cyber security policy manager solution can remove the complexity and guide the company to become Cyber Essentials-certified cost-effectively. Being certified with a creditable scheme will bolster cyber defences, put in place policies to ensure users are taking the correct steps to protect confidential data, and go a long way in protecting a business against common attacks.

Use the help available to stop a company from becoming a cybercrime victim and add to the depressing cyber security statistics.

Download PDF version Download PDF version

In case you missed it

Global regulations of AI: the role and impact on the physical security industry
Global regulations of AI: the role and impact on the physical security industry

The artificial intelligence revolution in physical security has arrived, transforming how we protect people, assets, and infrastructure. From smart buildings that automatically ad...

How does security innovation impact the skillsets operators need?
How does security innovation impact the skillsets operators need?

Technology automates tasks, streamlines processes, and improves efficiency in various fields, including physical security. But the success of today’s latest technologies depe...

How can manufacturers and integrators mitigate the risks of port forwarding?
How can manufacturers and integrators mitigate the risks of port forwarding?

Port forwarding is a networking technique that allows incoming traffic on a specific port number to be redirected to a particular device or application on a local network. Open por...

Quick poll
What's the primary benefit of integrating access control with video surveillance?