The UK Government is Offering £5000 Cyber Secure Vouchers to SMEs

Uploaded on 2015-08-10 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

solent-cyber-security-cluster-2-bis-presentation-8-638.jpg?cb=1421748751Under the UK The UK Government’s new £1m cybersecurity innovation vouchers scheme, micro-, small- and medium-sized businesses will be offered up to £5000 worth of vouchers for advice on how to boost their cybersecurity and protect their valuable intellectual property from prying eyes.

Given the major headlines over the past year, whether it is Sony or JP Morgan, it would be easy to assume that cyber-criminals only prioritize big multinational organizations over the likes of smaller businesses. Whilst these larger corporations are undeniably under constant threat from attack, headlines tend to distract from the threats facing the growing businesses who characteristically have more vulnerable systems and highly prized intellectual property.
This is reflected in the level of confidence many small businesses have assumed when it comes to cybersecurity. According to a survey by Zurich Insurance Group, this constant threat is seen as less of a danger than a natural disaster or fire damage, with only 6.9% of small- to medium-sized businesses in Europe citing cybercrime as the biggest risk to their company. 

A 2014 survey by the Federation of Small Businesses proved that over half of SMBs in the UK have been victimized by cyber-attack. It is these businesses the government is looking to aid with the free provision of cybersecurity advice.
A lack of visibility constitutes a large part of what makes SMBs such prime targets. Attempting to hack large businesses quickly grabs the attention of law enforcement and government agencies and is often well documented by the media. Attacking smaller businesses, on the other hand, allows hackers to operate largely under the radar whilst still wreaking enormous damage.

But it’s not just the assets held by SMBs that are attracting malicious actors. These new vouchers must also address a growing supply-chain risk. For the ambitious hacker, successfully breaching the defenses of a high street shop isn’t necessarily an end goal; it could simply provide a route to much bigger rewards. By infiltrating the network of a smaller supply-chain partner, experienced cyber-criminals can gain back-door access to the larger company’s systems, bypassing the robust defenses they have elsewhere in the network. 
 
Despite hacks like the Target breach demonstrating the effectiveness of this strategy, small firms actually cut their security spending by 20% in 2014, compared to a 5% increase in security investments by larger companies. It’s clear then that the news stories alone aren’t enough to adjust the course many small businesses are firmly set on when it comes to cybersecurity.

Offering financial incentives to promote security amongst small businesses is certainly the right strategy for the government to have adopted. The smaller budget of SMBs greatly limits their security spending when compared to larger enterprises, resulting in more vulnerabilities. In addition to this, internal security expertise is quite expensive, meaning these susceptible companies often aren’t able to seek the guidance needed to safeguard themselves from enterprise-scale attacks.
In this way, the £5000 grant for consultation will offer SMBs the opportunity to hire an external security consultant, which goes some way towards addressing ongoing problems in their security system. However, the grant will not cover the cost of implementing all the security controls and changes that consultant recommends.

Looking more towards the future of this scheme and others with similar goals of improving the resilience of corporate networks, it will be important for public bodies to realize funding also needs to deliver on a more direct level. Offering advice on the Cyber Kill Chain is all well and good but it still cannot offer the defense-in-depth that will ultimately give them the chance to defend their network right until the very last stage of an attack.

Pairing a campaign to improve understanding and cyber-strategy among small business leaders with a financial incentive scheme for adopting the right controls and solutions will give both small businesses and, through their supply-chain, big businesses, a better chance at avoiding the headlines.
InfoSecurity:  http://bit.ly/1Ke01Ew

« Interpol is Training Police to Fight DarkNet Crime
Will Robots Eliminate Many Humans From the Workplace? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Echoworx

Echoworx

Echoworx primary and exclusive focus is providing organizations with secure email services.

NITA Uganda (NITA-U)

NITA Uganda (NITA-U)

NITA-U has put in place the Information security framework to provide Uganda with the necessary process, policies, standards and guideline to help in Information Assurance.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

Secure IT Disposals

Secure IT Disposals

Secure IT Disposals specialise in professional Computer Recycling, Computer Disposals, Computer Destruction, Data Erasure and end-of-lifecycle solutions.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

C5 Capital

C5 Capital

C5 Capital is a specialist investment firm that exclusively invests in the secure data ecosystem including cybersecurity, cloud infrastructure, data analytics and space.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

Trusted Cyber Solutions

Trusted Cyber Solutions

Trusted Cyber Solutions is an independent Cyber Security and Risk Management consultancy.

Bittnet Training

Bittnet Training

Bittnet Training is the leader in the IT Training market in Romania. We develop the IT skills of IT professionals as well as those who wish to start a career in IT.

Josef Ressel Centre for Intelligent & Secure Industrial Automation

Josef Ressel Centre for Intelligent & Secure Industrial Automation

The Josef Ressel Centre for Intelligent and Secure Industrial Automation investigates the fundamentals of digital assistants for industrial machines that enable intelligent and secure operation.

NewsGuard Technologies

NewsGuard Technologies

NewsGuard provides transparent tools to counter misinformation for readers, brands, and democracies.

Vambrace Cybersecurity

Vambrace Cybersecurity

Vambrace is an experienced cybersecurity consultancy and operations outsourcer helping you to secure your business in an increasingly-hostile cyber environment.

ClearFocus Technologies

ClearFocus Technologies

ClearFocus Technologies provides advanced cybersecurity services that secure our nation’s most sensitive assets.

Kaine Mathrick Tech (KMT)

Kaine Mathrick Tech (KMT)

KMT deliver comprehensive cyber-first outsourced technology support and solutions that scale with your business.

CoNetrix

CoNetrix

CoNetrix is a full service computer networking, software development, and security and compliance firm built on the principles of integrity, innovation, and initiative.