Small and medium-sized enterprises (SMEs) are being urged to improve their cyber security following a string of recent hacks affecting large companies such as Ticketmaster and Dixons Carphone in recent weeks.
In a report in The Telegraph this week, cyber security experts and fraud prevention specialists are reminding small businesses of the potential risks they face – and trying to raise awareness of the importance of cyber security in the age of the General Data Protection Regulation (GDPR).
Last month, worrying research carried out by insurance company Zurich revealed that one in six SMEs had suffered at least one cyber attack in the past year.
The group’s SME Risk Index also highlighted the potential costs SMEs can face, having found that one fifth of small businesses affected by a breach had spent between £10,000 and £40,000 putting things right.
Some spent more than £50,000, yet separate research continues to suggest that many businesses are not taking cyber security seriously.
Edward Whittingham, a former police officer and founder of cyber security firm Business Fraud Prevention Partnership, warned that cyber attacks were growing increasingly common – and that many SMEs were underestimating the sheer scale of cybercrime.
“Historically, there has been a perception that cyber attacks are conducted by teenagers or rogue individuals, but this just isn’t the case,” he said.
“They’re now conducted on a large scale by serious and organised crime gangs who, for pocket change, can purchase the tools that they need to carry out attacks on the dark web.”
He said that businesses ought to view the data they hold as “absolutely business critical” and ensure that they are fully compliant with the GDPR as well as doing all that is in their power to ward off attackers.
Under the GDPR, businesses can potentially be fined up to €20 million or four per cent of annual turnover, whichever is higher, for serious data breaches.