IT staff believe their own companies are keeping cyber attacks secret

SMBs faced an average of five breaches in the last year - but employees feel their companies are covering these up

Almost one in four IT decision makers in small and medium-sized businesses (SMBs) across the UK believe successful cyber attacks are being covered-up by their own companies - a problem given under GDPR they should be reported.

Trust is even worse in companies numbering between 50 and 99 employees in particular, as just over half of IT leaders, 51%, feel their companies have kept secret at least one successful cyber attack in the last 12 months.

According to research commissioned by Appstractor Corporation, SMBs in the UK on average faced at least five cyber threats in the last year, with 19% of companies facing as many as ten attacks. This was as many as 20 for 2% of firms, while every respondent said their firm faced at least one cyber attack during this period.

Titled 'Under attack: Assessing the struggling of UK SBMs against cyber criminals', the report - comprising a survey of 500 IT decision-makers - also shone light on the anxieties SMBs suffer, and their preparedness versus large businesses.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Fewer than half of IT bosses, feel their cyber security software has managed to keep up with the complexities of the threats they face - with a third of believing this puts their firms at a higher risk than big business counterparts.

"While big corporations grab many of the cyber security headlines and pop up in UK cyber security statistics frequently, it is actually SMBs which are a prime target for criminals who are able to deploy easily available tools and software to automatically mass target thousands of small companies at once, with as much effort as it would take to target a single small business," said Appstractor's Raizy Zelcer.

"SMBs also suffer from the fact that many are operated by only a few people and most don't have the cash or resources to fund a full time IT department, so cannot completely protect themselves.

"Even when they try, employees often crop up as a serious threat in their own right as the education around cyber security and online encryption is worryingly limited among UK workers."

With employees themselves pinpointed as the number one weakness in SMBS' cyber security outlays, those questioned generally agreed that flexible and remote working has led to a heightened cyber threat - 49% versus 14% (while 22% were unsure and 15% did not offer such arrangements).

Meanwhile with the European Union's General Data Protection Regulation (GDPR) recently in force, expectations are high for companies to bolster their cyber security policies and practices to protect themselves against breaches.

Advertisement - Article continues below

But the report found an overwhelming 75% of SMBs have admitted to not upgrading their cyber security policies - with a third of these companies believing their policies are "robust enough" to deal with any cyber threats they may face.

"This research has revealed a staggering lack of preparedness amongst SMBs, many of whom are either still in the process of reviewing their security policies in line with GDPR, or are yet to even start the process," the report concluded.

"Businesses are more data dependent than they have ever been, and small businesses in particular need to be aware of the risks and threats they face from criminals looking to take advantage of weak cyber security."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020