Following a new report by the British Chambers of Commerce (BCC), which found that 1 in 5 UK firms had been hit by a cyber attack in the past year, the BCC’s director general, Dr Adam Marshall, said that all businesses need to shore up their cyber defences.
“Cyber attacks risk companies’ finances, confidence and reputation, with victims reporting not only monetary losses but costs from disruption to their business and productivity,” he said.
The report found that larger businesses are the most likely to be attacked. Over two-fifths (42%) of companies with more than 100 employees had been attacked, compared to 18% of companies with fewer than 99 employees.
Threat of cyber crime is hampering growth
Less than a quarter (24%) of businesses polled by the BCC said they had cyber security accreditations in place to guard against hacking, despite the rising danger of attacks and increasing publicity over the threats they present.
A similar number (21%) said they thought the threat of cyber crime could be hampering their company’s growth. This reaffirms the findings of last month’s Cyberthreat Defence Report, which found that businesses believe their biggest obstacles in creating an effective cyber defence were low security awareness among employees and a lack of skilled personnel.
Organisations that do have cyber security accreditations are at a major advantage, according to the report. Nearly half (49%) of accredited organisations said their accreditation gives them a competitive advantage over rival companies, and 33% consider it important in creating a more secure environment when trading with other businesses.
Be proactive about cyber security
Companies need to be “proactive about protecting themselves from cyber attacks,” Dr Marshall said, rather than relying on IT support providers to respond to attacks after they’ve happened.
Mitigating the risk of data breaches is an essential part of any business’s security strategy. To identify vulnerabilities that could cause data breaches, companies should conduct regular penetration tests.
IT Governance offers a number of penetration testing services to rank and rate vulnerabilities. Unlike traditional testing companies who make the whole thing hard, we’ve made it easy. If you buy a Level 1 penetration test, which is a cost-effective solution at a fixed price, you’ll get easy-to-understand and easy-to-remediate results quickly. Then, if required, you can conduct a more advanced Level 2 test, which aims to identify methods a criminal hacker could use to gain control of your system, enabling attacks deeper into your network.
We’re CREST-accredited, and our testers are experts in many standards and regulations, including the PCI DSS, ISO 27001 and the GDPR.