The UK’s SMEs are ‘woefully under-prepared’ for cyber-attack claims Kaspersky Lab

How well-prepared are Britain’s small business for cyber-threat? Are they taking sufficient precautions to protect themselves from the growing threat of cyber-attack? Well, no –they aren’t. At least that’s what web security firm, Kaspersky Lab, believes. In fact the security firm believes these businesses aren’t just ill-equipped to tackle cyber-threat; it argues that the majority of the UK’s SMEs are ‘woefully under-prepared’ to combat cyber-attacks. What Kaspersky Lab finds even more concerning is that these same businesses are also becoming increasingly reliant on mobile devices which offer the easiest entry point for organised cyber-criminal infiltration.

Kaspersky Lab’s research suggests that a third of the UK’s small businesses won’t know who to turn to or what to do if they suffered a security breach. More alarmingly Kaspersky Lab found that 25 per cent of businesses admitted that they wouldn’t be able to recover any lost data in the event of an attack. Why are the UK’s SMEs so seemingly unprepared for cyber-attack? Well, Kaspersky Lab believes it’s because they are living with their ‘heads in the sand’. The security firm’s research found that 82 per cent of Britain’s small businesses believe they are not a potential target for hackers and cyber –criminals. What the majority of these organisations failed to appreciate is that if they are connected through the supply chain to bigger and more influential organisations, then they are just as likely to be targeted by the criminals. In fact, they are probably even more vulnerable, as hackers will see them as vulnerable entry points through which they can launch attacks against bigger and more-profitable organisations:

“While it is encouraging to see the extent to which micro firms are embracing the latest technologies, this must go hand in hand with a strong approach to internet security. One in ten of those surveyed admitted that an IT security breach would probably cost them their business. This must be addressed, and quickly. Micro firms don’t have to become IT security experts,” said Kirill Slavin, UK managing director at Kaspersky Lab.

Do Kaspersky Lab’s figures add up, or are they actually making a mountain out of a molehill? Well, their warnings have resonated with the Federation of Small Business. The Federation’s research found that 41 per cent of small firms were hit in some way by cyber-crime in 2013, with one-in-five affected by a computer virus and one-in-ten affected by online fraud. The Federation has suggested that the reason for the high incidence of small business cyber- attacks is due to the fact that SMEs are becoming increasingly reliant on technology, and are using mobile devices, laptops and tablets more regularly. Unfortunately what they are not necessarily doing is taking adequate precautions to ensure that the information contained on these devices is protected.

So what sort of security precautions should SMEs be considering? Well, according to Mr Slavin, it’s the little things that need addressing the most:

“Most of the time it’s the IT equivalent of remembering to lock all the doors and windows when you go out, make sure you have some additional protection and not to leave valuables where others can easily see and get to them,” Slavin added.

Alex Grant, managing director of fraud prevention at Barclays, re-enforced Kaspersky Lab’s warnings and urged small businesses to take more care with cyber security and to be more aware of phishing attacks and other cyber scams. He told Computing magazine:

“Cyber-fraud affects one-in-eight small businesses every year with fraud losses to SMEs estimated at nearly £20bn. Criminals try to steal goods and the business identity through letters, a phone call, or via email. Increasingly, cyber-crime is a principal priority risk for businesses,” he said.

“Fraud can happen to any type of business in many different ways, impacting their revenue, reputation and the long-term health of the business, with no business being too small to be targeted. The most important investment a business can make is to take the time to identify where they may be at risk from fraud and reduce those risks where possible to stay in control.”

If you are concerned about the escalating security challenges facing businesses today and would like to take precautions, then why not speak to Krypsys? Krypsys’ services are focused on helping you assess your security posture against current and evolving security threats and educating you on the risks to which you are exposed. We have a wealth of experience in security projects in both the public and private sectors and have worked with organisations to protect high value information assets such as trading platforms, e-commerce systems, data-centres and cloud services. We also work with leading IT security vendors and specialist consultancies to close the gaps in your own IT security strategy and to assist in streamlining and prioritising your risk management spending.

Whether you’re looking for help with penetration testing and security reviews, or are looking for advice on security compliance and web security solutions, Krypsys can help you. For more information on web security solutions from Barracuda Networks, Check Point, Alien Vault and Netwrix, please contact Krypsys on 0845 474 3031 or [email protected].