UK SMEs Don’t Have Cybersecurity Recovery Plans

Following the WannaCry cyber-attack and the IT collapse at BA, research shows business still don't have a cyber security plan.

Nearly half (45 per cent) of small businesses don’t have a cyber security plan for their business according to research by Smith & Williamson, the accountancy, investment management and tax group.

The recent WannaCry cyber-attack crippled parts of the NHS as well as other high profile companies such as Nissan and Renault and the effects are still being felt. However, despite the well-publicised effect of what was a relatively low tech attack, recent research has indicated that many small businesses do not have a plan for their business should they find themselves in a similar situation.

‘For an investor, a business that has thought about their cyber security and has more control of their tech estate can be more attractive for investment. It shows that they take these things seriously and is a reflection of the culture and values the company has,’ says Fergus Caheny, partner and head of technology at Smith & Williamson.

‘A well thought out, and developed, cyber security plan tends to translate to a business that can identify and react appropriately to the many factors affecting their business. Control of their tech estate is key for any well-managed company. It is now, and increasingly in the future, one way for an investor to get to the heart of a business and ascertain the true nature of the management and the culture within.
‘We wouldn’t expect all early stage businesses to be spending extravagant amounts on developing a plan and high-tech software. However, the owners and managers should be able to demonstrate that they have thought of the problems and have a plan should the worst happen. Equally we would expect the tech investment to scale and grow as the business does.’

One example where cyber security will come to the fore is the new General Data Protection Regulation (GDPR), which takes effect from 25 May 2018. It is sweeping regulation that affects almost every business that has, keeps or uses personal data.
The regulation aims to give individuals more control over how their personal data is used. It imposes requirements for organisations to have cyber security rules and plans in place, with the consequences for failing to comply being very substantial fines.

‘The issue of cyber security is not going away. Investors need to be confident that a business is prepared otherwise this could jeopardise existing and future investment. A company who does not have a full handle on their tech estate now is in a race against time to ensure they do before next May,’ concludes Fergus.

Small Busines UK:    Image: Nick Youngson

You Might Also Read:

SMEs And Cyber Insurance:

Cyber Security Myths for SMEs (£):

Eight Steps To The GDPR Countdown:

 

 

« North Korea, WannaCry, Cyberattacks And Lazarus
Australia Implements Mandatory Data Breach Reporting »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Hack Miami

Hack Miami

HackMiami is the premier resource in South Florida for highly skilled hackers that specialize in vulnerability analysis, penetration testing, digital forensics, and all manner of IT security.

BruCERT

BruCERT

BruCERT is the referral agency for dealing with computer-related and internet-related security incidents in Brunei Darussalam.

FDM Group

FDM Group

FDM Group is an international Professional services company with a focus on IT. Services offered include Software Testing, and Information Security with a focus on operational security and compliance.

PrimaTech

PrimaTech

PrimaTech provide process safety, cyber and process security, and risk management consulting, training and software for the process industries.

Atea

Atea

Atea is the market leader in IT infrastructure for businesses and public-sector organizations in Europe’s Nordic and Baltic regions.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

Caulis

Caulis

Caulis FraudAlert is a cyber security solution. It can detect fraud and identity theft based on users’ online behaviour.

Peraton

Peraton

Peraton provides innovative solutions for the most sensitive and critical programs in government today, developed and executed by scientists, engineers, and other experts.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

E2E Technologies

E2E Technologies

E2E Technologies are a proactive, SLA-beating, managed service provider that busts the common stereotypes surrounding IT.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

Cyber7

Cyber7

CYBER7 is a National Cyber Security Innovation community initiated by Israel National Cyber Directorate, Ministry of Economy and Israel Innovation Authority led by Tech7 – Venture Studio.

NXM Labs

NXM Labs

NXM is a leader in a leader in advanced cybersecurity software for connected devices.

ASRC Federal

ASRC Federal

ASRC Federal’s mission is to help federal civilian, intelligence and defense agencies achieve successful outcomes and elevate their mission performance.

Methods

Methods

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for over 28 years.