A new British Chamber of Commerce (BCC) survey of over 1,200 companies (96% SMEs) reveals cyber-criminal attacks occurred on one in five UK firms over the last year.
Despite the very real threat this poses to businesses, the majority (63%) rely on IT providers to resolve any issues.
Bridging the Gap Between Business and Education
Given the serious damage to business reputations and the cost of clean-up after high profile cases such as Yahoo and TalkTalk’s data breaches, the BCC argues that it would be better for firms to take a more proactive approach.
Instead of waiting to react to cyber-attacks, companies can educate employees and raise awareness of the dangers posed at every level.
Threat to Large and Small Businesses
Organisation size is no protection, according to the BCC survey, with larger businesses more likely to be targeted. 42% of the attacks were on businesses with more than 100 staff, compared to 18% of attacks on firms with fewer than 99 employees. 72% of those surveyed operated in service industries.
In an age of more mobile work practices, employees may be blind to the threat of malware and ransomware every time they plug in remotely to access company files and servers.
Spear phishing meant that Snapchat’s finance department released sensitive employee data to what they thought was the company’s CEO, this type of attack is known as CEO Fraud.
If employees had been taught to request simple two-step verification of all such data requests, a costly (and embarrassing) breach may have been prevented!
Data Protection Changes – Responsibility for All
Stricter legislation being introduced from May 2018 means that all companies who use personal data must also be compliant with the new General Data Protection Regulations (GDPR), or risk facing harsher penalties.
Dr Adam Marshall, Director General of the BCC, said:
“Cyber-attacks risk companies’ finances, confidence and reputation. Firms need to be proactive about protecting themselves [to] defend against cyber-security breaches and mitigate the damage caused by an attack. Firms that don’t adopt the appropriate protections leave themselves open to tough penalties.”
Increase Security with Real Time Training
Increase your business and client confidence by using our specialist cyber-security user education software to train and assess your employees, with "real time" security reports and phishing tests. Our trials are free, you don't need a credit card to sign up, so what's stopping you? Click here to start your Free Trial today