Introduction

From advertising and selling to communicating with customers, the internet provides UK businesses with a wealth of opportunities. As a result, e-commerce has increased exponentially in recent years. A recent survey on security breaches carried out for the Department for Business, Innovation and Skills (2013 Information Security Breaches Survey) has revealed that cyber security threats to businesses have hit record levels – with smaller businesses now as exposed as larger organisations.

Increase in Cyber Attacks

The survey revealed a number of alarming findings, including:

  • Over the past year several cyber attacks have caused over £1 million worth of damage each.
  • 87% of small businesses experienced a security breach last year (10% increase on last year).
  • 93% of large businesses were also targeted.
  • The worst kind of security breach to small and large businesses cost between £35,000 - £65,000, and £450,000 - £850,000 respectively.
  • Staff-related incidents have increased significantly.

Government Guidance Issued

In response, the UK government has published guidance (Small Businesses: What you need to know about Cyber Security) which provides a succinct overview of cyber security risks and how businesses can manage them to protect themselves. As the guidance explains, small businesses can ensure they are protected by:

  • Managing risk.
  • Increasing staff awareness and providing training.
  • Increasing network security and protection against malware.
  • Providing guidance for businesses that outsource their IT services.

The guidance also refers to personal data, outlining that small businesses must know whether or not they need to comply with the Data Protection Act 1998 and, if so, have robust procedures in place to keep personal data safe. By offering guidance it is clear that the UK Government is taking the issue of cyber security very seriously. This is further highlighted by the fact that the Technology Strategy Board has extended a scheme allowing small and medium-sized enterprises (SMEs) to bid for up to £5,000 to improve cyber security.

"Recommended Reading" for Small Business Owners

The guidance has been described as "recommended reading" for all small business owners to raise awareness that protection against cyber attacks should become an integral part of the businesses risk management process. It is hoped that the guidance will assist in protecting the assets and customers of smaller businesses and accordingly give owners reassurance. Further, the guidance specifies that through effective planning and prevention methods businesses will save money and gain a competitive advantage if they are seen to be safe and take security seriously. Taking all of these factors into account the question to ask yourself is - are you and your business protected?