SMEs 'Underestimate Cyber Attacks'

New Research From Kaspersky Lab Has Shown Complacency About Cyber Attacks Is Rife Among SMEs

18.03.2014

Fergal Dowling, Partner | +44 (0)121 214 5476

The majority of small businesses believe they are not at real risk of cyber attacks.

A new study from antivirus company Kaspersky Lab has found that three-quarters of SMEs believe their business is too small to be of any interest to hackers.

This is particularly problematic considering that cyber security breaches at startups are rapidly increasing in number, with weak passwords and a lack of safeguards putting companies at risk of both monetary and reputational loss, reports Computer Weekly.

One of the main reasons behind this is that 59 per cent of those surveyed by Kaspersky believe the information they hold on their computers or cloud drives is not worth anything and would not be a target for theft.

But this is often untrue and a lack of awareness could lead to vital financial information being leaked online, which could give competitors an advantage or even lead to legal action if the correct protocols were not in place to protect staff details.

Earlier this week it was revealed that the financial details of thousands of Morrisons staff had been posted online.

The story emerged after a member of the public sent a disc with the information on it to a local newspaper, which published the story and caused the supermarket chain to endure a great deal of negative publicity.

David Emm, senior security researcher from Kaspersky Lab, said SMEs need to start taking cyber security more seriously, as they risk significant financial harm if they do not.

"For example, if the SME in question is a widget supplier to a big name, a cyber criminal can sneak into their system if insecure and steal information that will make it easier for them to gain access to the larger company's infrastructure, putting both them and their associates at risk," Mr Emm told Computer Weekly.

Part of this effort to prevent cyber attacks should involve educating staff who, according to Mr Emm, are often unaware of the importance of keeping key information safe.

Expert Opinion
While many small businesses may simply believe they are not large enough to be the target of hackers or other cyber security issues, they cannot afford to ignore the issue of data security and the need to take all necessary steps to protect key information they hold in relation to themselves and any key clients.

"There are numerous key regulatory issues that small businesses need to bear in mind as they continue to grow and failure to do so could be damaging both financially and in a reputational sense.

"We would urge any small firms with concerns on such issues to always seek legal advice and ensure they have the right support available on matters such as data protection when they need it."
Fergal Dowling, Partner