Is your small business taking cyber crime seriously?
Cyber crime is definitely one of the hottest topics of the moment
Was the US election result swayed by Russian hackers? Who was behind the WannaCry ransomware attack that brought so many computers worldwide – including many in the NHS – to a standstill? And what about the Barclays research that estimates there were 5.6m cases of cyber fraud in the UK during 2016 – costing the country in the region of £11bn?
To think that cyber crime is something that affects only larger business is to ignore the reality. The government’s Cyber Security Breaches Survey this year found a quarter of firms are affected in some way at least once per month, yet only a third of them have security policies to help prevent this.
The fact is, whether you sell on the web, hold client or customer information online or keep any other sensitive data, you are a potential target for cyber criminals. If you don’t protect online information properly, then you have a disaster waiting to happen – any breach could shatter your company’s reputation and drive future customers away.
Part of the problem is that SMEs don’t necessarily have the resources to dedicate to cyber security. But if your company hasn’t prioritised this issue, you need to act fast. On 25 May 2018, the EU’s General Data Protection Regulation (GDPR) comes into force and the fines for non compliance are likely to be crippling – the PCI Security Standards Council estimates UK small businesses are likely to be on the hook for £52bn worth of penalties.
So how do you take steps to ensure your data is secure?
Without doubt, the best plan is to consult professionals who understand cyber security and the demands of GDPR.
If your budget won’t stretch to that, the government publishes useful guidance called 10 Steps to Cyber Security as well as a dedicated Cyber Essentials website. The latter contains a self-assessment questionnaire, as well as the opportunity to apply for Cyber Essentials accreditation – which is mandatory if you ever bid for government contracts.
And if you don’t take action?
The reality is that cyber crime is becoming ever more sophisticated, and unless you take the right steps your business could find it becomes a very easy target. It’s just not worth risking your reputation and future – or, indeed a very large fine.
So make sure you take the necessary steps to ensure compliance with the new GDPR rules which will take effect in under a year’s time. Chat with the team at THP Chartered Accountants to see how we help service businesses like yours.