This week, we’re joining together with other organisations to offer advice to the UK’s 4.5 million small and medium sized businesses as part of Small Business Advice Week.
One thing I know well from my day-to-day role at Barracuda is UK SMBs are increasingly recognising cyber security’s value. This was also echoed by research we carried out in conjunction with Small Business Advice Week, which surveyed 607 business decision makers around the UK.
Comfortingly, four in five respondents viewed cyber security as a necessity. The majority (64%) also have a specific cyber attack plan in place, and 80% of respondents confessed that their business’s revenue would be impacted by a cyber attack. A further 59% believed this would happen within a week of their systems being offline.
These results are generally promising, showcasing a high awareness of the potential havoc a cyber attack can cause. Cyber security cynics are clearly in the minority, with just 5% thinking they don’t need a cyber attack and 9% viewing cyber security as a hindrance.
Back to school
It would appear that some organisations still have a long way to go in terms of cyber security education, as 30% do not have a cyber attack plan in place at all. In 2017, a security contingency plan is incredibly important, especially to a smaller business that can be seriously disrupted by an attack of this nature.
What’s more concerning is that a significant amount of SMBs are seriously unprepared to meet the upcoming EU General Data Protection Regulation (GDPR) when it comes into force in less than a year’s time. This lack of awareness around GDPR seems to be fairly widespread, with 30% of respondents unprepared to meet the GDPR and a third (33%) unaware of the implications it will have on their organisation.
In fact, over 50% of respondents do not think the GDPR will affect their business at all. As the regulation brings with it increased fines of up to €20 million or 4 per cent of turnover (whichever is greater), organisations will be punished greatly for noncompliance.
SMBs often mistakenly believe they aren’t the ‘real’ targets of cybercriminals, and that attackers would rather focus their efforts on enterprises. However, often criminals prey on small businesses, assuming they have less cyber security resource to leverage.
From May 2018, not only will data breaches undermine your company’s trust – and lots of smaller businesses out there depend heavily upon customer loyalty – but they can also very easily impact your bottom line. Increased fines or failing to comply with the GDPR may well leave a sizable dent in your organisations. Managing the aftermath of a cyber attack has now in many cases become more expensive than proactively preventing it from happening in the first place.