IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Infosec 2013: PwC flags rise in SMB security breaches

Infosec 2013: PwC flags rise in SMB security breaches

Data breach

SMBs can no longer afford to assume their small size will keep them off the radar of cyber criminals and hackers, according to professional services firm PricewaterhouseCoopers.

The advisory firm used the first day of the Infosecurity Europe event in London today to showcase the results of its latest Information Security Breaches Survey.

Commissioned by the Department for Business, Innovation and Skills (BIS), the report is carried out annually, with this year's one showing a marked rise in breaches affecting small businesses.

Sixty-three per cent of small businesses reported attacks from unauthorised outsiders in the last year, up from 41 per cent a year ago, with SMBs suffering a median of 17 breaches. This is nearly double the number recorded in the previous report.

Meanwhile, the proportion of them hit by Distributed Denial of Service (DDoS) attacks over the last 12 months has also increased from 15 per cent to 23 per cent since last year's report.

Large businesses were not exempt by any stretch of the imagination, with large companies experiencing a median of 113 breaches last year. In the previous report, this figure was 71.

The report's results were discussed at length in a keynote presentation, presided over by Chris Potter, a partner at PwC, and his colleague Andrew Miller, who is a director at the firm.

During the address, Miller said it's not just that SMBs are being attacked more, but the amount of money they must shell out in the wake of a breach is rising too.

"What this shows you is that small organisations are the people in the cross hairs [of the attackers now]...and they're getting repeat breaches, with a number of them getting targeted again and again," said Miller.

"The cost of those breaches is going up as well...with the incidences themselves costing significantly more, not just to clean up, but [in terms of the] impact on their brand and the disruption to their business," he added.

However, while the number of SMBs suffering data breaches has increased, the report suggests not many of them have encountered enforcement action as a result.

"[When asked about] regulatory fines and compensation payments, small businesses haven't paid any (or at least they told us they hadn't paid any), while larger organisations [paid out] around 750 to 1,500 a year.

"When you combine that with another piece of information we have that shows 44 per cent of large organisations breached the data protection act or some other form of regulation, and 17 per cent of SMBs did likewise. But they're obviously not getting picked up and fined."

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Most Popular

Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022
Windows 11's nifty new search feature has one major downside
Microsoft Windows

Windows 11's nifty new search feature has one major downside

23 May 2022