SME Cyber Security Concerns On The Rise

Concern About Cyber Security Has Risen For The First Time In 12 Months


Steven Beahan, Partner | +44 (0)114 294 7868

For the first time in 12 months, concerns about cyber security risks among UK SMEs have risen.

The Zurich SME Risk Index rose from 41.68 in the fourth quarter of 2013 to 43.19 in the first quarter of this year, suggesting that small businesses across the country are becoming more aware of the risks posed by hackers and cyber terrorists.

According to IT Pro Portal, 45 per cent of all decision-makers surveyed as part of the insurance company's study expressed concern about technological vulnerabilities at their firm. This was a rise of 12 per cent from the same point in the first quarter of 2013, and may be related to the ongoing Edward Snowden scandal.

Further to this 37 per cent of those questioned identified cyber-attacks as "one of the biggest dangers faced" by the business community. A higher figure has never been recorded before.

Richard Coleman, of Zurich Insurance, said: "With concern about risk rising amongst SMEs for the first time in 12 months in the wake of a number of high-profile security threats, worries about tech vulnerabilities are increasingly an issue for business owners."

This is not the first time that cyber risks to SMEs have been highlighted, but does show an increasing willingness among the UK's private sector to take action.

A 2013 global study from the Ponemon Institute found that 44 per cent of respondents said IT security is not an issue regularly brought up among upper executives at meetings, while a further 42 per cent described their data defence budget as "inadequate".

Gerhard Eschelbeck, chief technology officer at anti-virus firm Sophos, told Computer Weekly: "SMEs are failing to appreciate the dangers and potential losses they face from not adopting a suitably robust IT security posture."

One of the biggest priorities, according to the Ponemon Institute study, should be to designate an internal head of cyber security, as 31 per cent of companies admitted nobody is in charge of data protection.

Expert Opinion
Small businesses can only develop their offerings if they have a solid foundation established from which they grow. Using online systems and platforms is simply a part of 21st century business, which means SMEs often have a large amount of information – on themselves and clients – stored in areas which could be vulnerable to cyber security threats.

"Organisations need to ensure they have the right tools in place to protect their core, business-critical information or else they could not only leave themselves susceptible to attacks but in the process end up breaching key intellectual and data protection regulations.

"We would urge small businesses to regularly examine and review their systems to ensure they are robust and provide the right protection, while anyone with concerns should speak to legal advisers to get the lowdown on their key data responsibilities."
Steven Beahan, Partner