Infosec 2013: PwC flags rise in SMB security breaches

Infosec 2013: PwC flags rise in SMB security breaches

Data breach

SMBs can no longer afford to assume their small size will keep them off the radar of cyber criminals and hackers, according to professional services firm PricewaterhouseCoopers.

The advisory firm used the first day of the Infosecurity Europe event in London today to showcase the results of its latest Information Security Breaches Survey.

Commissioned by the Department for Business, Innovation and Skills (BIS), the report is carried out annually, with this year's one showing a marked rise in breaches affecting small businesses.

Sixty-three per cent of small businesses reported attacks from unauthorised outsiders in the last year, up from 41 per cent a year ago, with SMBs suffering a median of 17 breaches. This is nearly double the number recorded in the previous report.

Meanwhile, the proportion of them hit by Distributed Denial of Service (DDoS) attacks over the last 12 months has also increased from 15 per cent to 23 per cent since last year's report.

Large businesses were not exempt by any stretch of the imagination, with large companies experiencing a median of 113 breaches last year. In the previous report, this figure was 71.

The report's results were discussed at length in a keynote presentation, presided over by Chris Potter, a partner at PwC, and his colleague Andrew Miller, who is a director at the firm.

During the address, Miller said it's not just that SMBs are being attacked more, but the amount of money they must shell out in the wake of a breach is rising too.

"What this shows you is that small organisations are the people in the cross hairs [of the attackers now]...and they're getting repeat breaches, with a number of them getting targeted again and again," said Miller.

"The cost of those breaches is going up as well...with the incidences themselves costing significantly more, not just to clean up, but [in terms of the] impact on their brand and the disruption to their business," he added.

However, while the number of SMBs suffering data breaches has increased, the report suggests not many of them have encountered enforcement action as a result.

"[When asked about] regulatory fines and compensation payments, small businesses haven't paid any (or at least they told us they hadn't paid any), while larger organisations [paid out] around 750 to 1,500 a year.

"When you combine that with another piece of information we have that shows 44 per cent of large organisations breached the data protection act or some other form of regulation, and 17 per cent of SMBs did likewise. But they're obviously not getting picked up and fined."

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Most Popular

How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

12 Nov 2021