That’s the conclusion of a special event attended by more than 20 regional small business owners on the ways in which they can try to protect themselves from online attack.
Run by RMT Technology, the specialist IT support division of RMT Accountants & Business Advisors, the event included analysis of the range of electronic threats now facing small businesses, the actions being taken by both Government and industry to tackle them, and recommendations on what SMEs can do themselves to minimise the threat and impact of cyber attacks.
New research by PWC found that almost two thirds (63%) of small businesses had suffered a malware infection this year, compared to 45% in 2014, while the number that had suffered online attacks by ‘unauthorised outsiders’ has risen from 33% to 38% over the same period.
And Paul Holborow, Head of RMT Technology, is recommending that all SME owner/managers take steps to create a ‘security culture’ within their companies, based around a proper awareness and understanding of the risks that they face.
He says: “The data breaches suffered recently by Talk Talk has been at the top of the news agenda, but what doesn’t make the headlines are the cyber attacks aimed at many North East SMEs every day, even though their impact can sometimes be catastrophic enough to close these firms down for good.
“All the market data available suggests that the range of threat is getting ever greater and more complex, and as well as the direct impact on costs and productivity, companies that fall foul of an outside attack can also face long-term reputational, regulatory and financial issues that they might not be able to overcome.
“With the launch of the Cyber Essentials programme and the establishment of Cyber Security Information Sharing Partnerships across UK, the Government is upping its game on cyber security, but it’s crucial for businesses to have their own measures in place, and to try to ensure their customers and suppliers are also up to speed.”
Guest speaker Paul Boam, director at information security consultancy Net Defence, commented: “Cyber criminals now have access to a greater range of tools than ever before, and their methods are continuing to evolve as they spend more time researching emerging attack vectors than most organisations spend on defending their critical assets.
“There is also increasing evidence to suggest that technology developments, whether software, hardware or in The Cloud, rarely consider security in their design.
“The often conflicting requirements of information confidentiality, integrity and availability may only be truly harmonised when organisations understand and accept the risks, and mitigate them wherever possible through a process of information security best practice.”
Paul Holborow continues: “Taking a common sense, proactive approach to using and managing technologies, rather than just hoping nothing happens, and making sure staff are well trained and fully aware of the risks they could face is absolutely essential in protecting SMEs from the potentially substantial impact of cyber attacks on their long-term well-being.”