According to new research released today by the British Chambers of Commerce (BCC), one in five British businesses were hit by a cyber-attack in the last 12 months.
The report surveyed more than 1200 businesses across the UK. Of these businesses, 96 percent were SMEs, 22 percent operate in the manufacturing sector and 78 percent operate in the services sector.
Big businesses are more likely than smaller ones to be victims of attacks (42 percent of companies with more than 100 staffers, compared to 18 percent of companies with less than 99 employees).
Compared to banks and financial institutions (12 percent) or police and law enforcement (two percent), businesses are most reliant on IT providers (63 percent) to resolve issues after an attack.
It was also indicated that 21 percent of businesses believe the threat of cyber-crime is preventing their company from growing.
Only a quarter (24 percent) of businesses have cyber-security accreditations in place. Smaller businesses are far less likely to have accreditation (10 percent of sole traders and 15 percent of those with less than five employees) than big businesses (47 percent with over 100 employees).
Half of the businesses that do have accreditations feel it gives their business a competitive advantage over rival companies. A third (33 percent) consider it important in creating a more secure environment when trading with other businesses.
Mark Stollery, managing consultant, enterprise and cyber-security, UK and Ireland at Fujitsu told SC Media UK: “News that one in five British companies have been subject to cyber-attack illustrates that as a nation we are still failing to get on top of cyber-crime. It is interesting however that only one in five businesses have said that they have been hit by a cyber-attack, and begs the question of whether they actually understand what a cyber-attack looks like.
“Every business has a target on its back in today's digital currency era and it is imperative therefore that organisations both large and small take a proactive approach when it comes to security. Organisations need to think about what data they need to protect and focus on the integration of threat intelligence and other information sources, to provide the context necessary to deal with today's advanced cyber-threats.”
David Navin, corporate security specialist at Smoothwall stressed the importance that companies must protect themselves and have a plan in place in the event of an attack. “These latest findings highlights the inescapable fact that security breaches are very much a threat that needs to be at the top of every boardroom's agenda. It is essential to have enterprise grade security solutions in place beginning with firewalls, encryption and good security software. Security needs to be taken seriously at all points of the organisation, to ensure that all employees understand the risks of their actions and know the security processes in place should an incident occur, in order to mitigate the risks in the event of a breach.”