Cyber Security misconceptions placing a third of UK SME revenue at risk

2 Mar 2015 02:42 PM

New research reveals a worrying lack of awareness among the UK SME Community into the threats posed by cyber-crime.

HMG's 'Cyber Streetwise' Campaign 'Cyber Streetwise' Campaign has revealed a worrying lack of awareness among UK Small and medium sized companies into the threats posed by cyber-crime. Two thirds (66%) of the SME community, for example, do not consider their businesses vulnerable to cyber threats and only 16% consider cyber security a top priority for 2015. The resulting exposure to loss of valuable data, the associated loss of customers and the reputational damage caused by an information breach is placing a reported third (32%) of SME revenue at risk.

The research identified a number of cyber security myths that underpin this trend. Common misconceptions include:

• Only companies that are involved with online payments are at risk (26%)
• Small companies are not a legitimate target of cyber-crime (22%)
• Cyber-security is too expensive (21%)
• Lone individuals are usually the perpetrators of cyber-crime, not organised criminals (20%)
• Banks will cover any associated loss from a cyber-attack (11%)

Of particular interest was the perception relating to cost as a barrier to good cyber security, given the wealth of resources freely available to the business community on how to implement basic security measures. The Cyber Streetwise campaign, for example, provides free simple advice on the importance of firewalls, software & security updates, back-ups and the use of secure passwords and the Government also provides free online training courses. Organisations looking for more technical specification and guidance on best practise can also look to Cyber Essentials, which offers businesses a way of demonstrating to customers, investors and insurers that they have taken basic cyber security precautions.

techUK welcomes initiatives to raise awareness in the SME community into the threats posed by cyber-crime and is keen to support the SME community in making their businesses secure and resilient, increasing security throughout the entire supply chain. techUK is working with members to produce a taxonomy of cyber risks that can be easily communicated at a board level and help businesses understand the need for cyber resilience, based on past examples of attacks and the effects that they have caused in order to make them more practical and usable.

If you would like to find out more information on how to get involved, please contact Talal.Rajab@techUK.org.