UK SMEs Don’t Have Cybersecurity Recovery Plans

Following the WannaCry cyber-attack and the IT collapse at BA, research shows business still don't have a cyber security plan.

Nearly half (45 per cent) of small businesses don’t have a cyber security plan for their business according to research by Smith & Williamson, the accountancy, investment management and tax group.

The recent WannaCry cyber-attack crippled parts of the NHS as well as other high profile companies such as Nissan and Renault and the effects are still being felt. However, despite the well-publicised effect of what was a relatively low tech attack, recent research has indicated that many small businesses do not have a plan for their business should they find themselves in a similar situation.

‘For an investor, a business that has thought about their cyber security and has more control of their tech estate can be more attractive for investment. It shows that they take these things seriously and is a reflection of the culture and values the company has,’ says Fergus Caheny, partner and head of technology at Smith & Williamson.

‘A well thought out, and developed, cyber security plan tends to translate to a business that can identify and react appropriately to the many factors affecting their business. Control of their tech estate is key for any well-managed company. It is now, and increasingly in the future, one way for an investor to get to the heart of a business and ascertain the true nature of the management and the culture within.
‘We wouldn’t expect all early stage businesses to be spending extravagant amounts on developing a plan and high-tech software. However, the owners and managers should be able to demonstrate that they have thought of the problems and have a plan should the worst happen. Equally we would expect the tech investment to scale and grow as the business does.’

One example where cyber security will come to the fore is the new General Data Protection Regulation (GDPR), which takes effect from 25 May 2018. It is sweeping regulation that affects almost every business that has, keeps or uses personal data.
The regulation aims to give individuals more control over how their personal data is used. It imposes requirements for organisations to have cyber security rules and plans in place, with the consequences for failing to comply being very substantial fines.

‘The issue of cyber security is not going away. Investors need to be confident that a business is prepared otherwise this could jeopardise existing and future investment. A company who does not have a full handle on their tech estate now is in a race against time to ensure they do before next May,’ concludes Fergus.

Small Busines UK:    Image: Nick Youngson

You Might Also Read:

SMEs And Cyber Insurance:

Cyber Security Myths for SMEs (£):

Eight Steps To The GDPR Countdown:

 

 

« North Korea, WannaCry, Cyberattacks And Lazarus
Australia Implements Mandatory Data Breach Reporting »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

HackRead

HackRead

HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends.

Nethemba

Nethemba

Nethemba provide pentesting and security audits for networks and web applications. Other services include digital forensics, training and consultancy.

Cellebrite

Cellebrite

Cellebrite delivers comprehensive solutions for mobile data forensics and mobile lifecycle management.

JPCERT/CC

JPCERT/CC

JPCERT/CC is the first Computer Security Incident Response Team (CSIRT) established in Japan.

National Cyber Summit (NCS)

National Cyber Summit (NCS)

The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation's infrastructure from the ever-evolving cyber threat.

GlassSquid

GlassSquid

glasssquid.io simplifies your cyber security job search. We want to help you find your next perfect fit opportunity by removing the confusion.

Security BSides

Security BSides

Security BSides is the first grass roots, DIY, open security conference in the world!. BSides is a community-driven framework for building events for and by information security community members.

YesWeHack

YesWeHack

YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered) to identify and report vulnerabilities in their systems.

drie

drie

drie is an end-to-end cloud services company based in Bahrain, Dubai and London. We enable businesses to adopt, scale on and build for cloud.

Revere Technologies

Revere Technologies

Revere Technologies is a pure-play cyber security solutions and services provider in Sub-Saharan Africa.

Seccuri

Seccuri

Seccuri is a unique global cybersecurity talent tech platform. Use our specialized AI algorithm to grow and improve the cybersecurity workforce.

Curatrix Technologies

Curatrix Technologies

Curatrix Technologies is a Managed IT Service provider based in Hampshire, UK, providing high quality and reliable Managed IT Services since 2015.

ELLIO Technology

ELLIO Technology

ELLIO Technology is a cybersecurity company that reduces alert overload, improves incident response, and helps security teams target serious attackers who pose a real threat.

Bedrock Security

Bedrock Security

Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.

DOT Europe

DOT Europe

DOT Europe is a consensus based organisation which brings a diverse membership together to agree on their collective stance on EU tech policy.

AmiViz

AmiViz

AmiViz is the first B2B enterprise marketplace focussed on Cybersecurity business in the Middle East and Africa, designed specially to serve the interests of enterprise resellers and vendors.