Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 29 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

UK small businesses in the dark about cyber security, with over half not prepared for data breaches

by The Gurus
July 7, 2015
in Editor's News
Share on FacebookShare on Twitter

Despite an increased sense of awareness and frequent headlines of data breaches amongst well-known brands, small businesses in the UK still do not seem to understand that they are as much at risk of cyber attacks as large enterprises.
New research by CSID, a leading provider of identity protection and fraud detection solutions, shows that 52 percent of small businesses in the UK are not taking any preventative measures to protect themselves against cyber crime[1]. Furthermore, the study found that the vast majority (85.3%) do not have any plans to increase their budgets for security implementation, and less than 13 percent are working with a third party vendor to protect themselves.
This research coupled with findings from PWC’s recent 2015 Information Security Breaches Survey[2], demonstrate the enormity of the cyber security challenges small businesses face. PWC’s survey found that 74 percent have had a security breach in the last year, up from 60 percent in 2014. Not to mention, a breach is costly to a small business, with the average cost reaching between £75,000 and £311,000 – with the higher end reaching more than four times the average cost in 2014 (£65,000).
The following insights were found when small businesses were asked by CSID what their main concern is in the event of a data breach:

  • Half of respondents (53%) were concerned their reputation would be damaged.
  • Despite reputation being a main concern, 47 percent of respondents are monitoring what is written about their brands online, and less than 15 percent have a social media policy in place.
  • Only 9 percent were worried about the negative impact on employees.

“While monitoring what is written about your business online is a good practice, we’re surprised by the lack of employee education and social media policies in place,” commented Andy Thomas, managing director of CSID in Europe. “It seems that time and again businesses misjudge the element of staff related security breaches which appear to be increasing every year. Yes, there will always be threats from malware, phishing and DOS, but never underestimate the human factor.”
Examining small business attitudes toward various types of threats, the research found that half of respondents indicated that they are most concerned with undetected malware, 33 percent stated phishing attacks, and the least concerning type of threat appears to be Bring Your Own Device (BYOD) with only 2 percent of answers.
To demonstrate just how effortlessly cyber criminals are targeting and exploiting small businesses, CSID recently developed a mock business, Jomoco, a fictitious coconut water company and built its presence online[3]. CSID also created two fabricated employees, allowed for common mistakes in their personal and work email accounts, and then watched Jomoco become the target for real cyber criminals to hack. Within one hour, the employees were locked out of their email and social accounts, the business web page was defaced, and more.
“By sharing secure details, such as login information and financial information, the two fictitious employees helped hackers bring a fledgling small business to a complete halt. Understanding and educating employees about the security threats associated with establishing and running a business should be the first step in mitigating risk,” concluded Thomas.
In the event of a breach, the CSID survey found that 63 percent of small businesses would most likely turn to their insurer, bank, lawyer or IT supplier for assistance; the police being the least likely first point of call. The findings indicate how important these relationships are and the responsibility these organisations have in assisting clients. Yet, a staggering 68 percent of respondent state that their IT service provider has not provided them with any information regarding data breaches and 68.6 percent confess to not having a disaster recovery or business continuity plan in place.
Steps small businesses should take to mitigate the risk of a data breach:
1)  Develop security policies early and educate employees
Ensure employees understand the importance of workplace cyber security. Create and enforce password, BYOD and social media policies from day one. The more well educated the workforce is on the importance of security, the more likely they will be to employ better online habits at work and at home.
2)  Monitor employee and customer credentials
Take advantage of software solutions that can help monitor the security of your business. A monitoring service can keep track of your business’ overall health and mitigate the risk of breach. Small business owners should also consider monitoring employee and customer credentials to detect fraudulent activity.
3)  Create a breach preparedness plan
Have a breach preparedness plan in place. Practice transparent communication with the public and affected parties. Hiding details about a breach breeds distrust with customers, which can affect your business reputation. While damage control plan may not reduce the cost of repairing the breach, it can keep customer relationships in tact and diminish reputation damage.

FacebookTweetLinkedIn
Tags: BYODCSIDCyber AttackCyber CrimeCyber Securitydata breachinformation securityinfosecinfosecurityit securityMalwarePhishingPWCsecurity
ShareTweetShare
Previous Post

What you don’t know, won’t scare you

Next Post

ITSG NEWS – Hacking Team Hacked!

Recent News

Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023
Lupovis eliminates false positive security alerts for security analysts and MSSPs

Lupovis eliminates false positive security alerts for security analysts and MSSPs

January 26, 2023
Threat actors launch one malicious attack every minute

Threat actors launch one malicious attack every minute

January 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information