Although you’re more likely to hear about data breaches at big corporates, a recent study has found that 61% of major incidents happened at organisations with less than 1,000 employees – SMEs.
And there’s evidence that cyber crime is becoming more prolific, with a reported 25% increase in attacks in the last year, according to the same study. Small businesses – who typically have less money and resource to put into data security, lower-level systems and often no dedicated on-site IT team are an obvious target. The nature of most partnerships and supply chains often means that a global business with huge amounts of sensitive data may well be served by a number of SMEs, making them a gateway in.
Different sectors and end clients impose different levels of security – but most are understandably stringent. This can be hard for a small business – without the economies of scale of larger organisations to invest in high-grade security – to navigate successfully. Get it wrong, however, and there could be a high price to pay, affecting not only the health of your own business, but reputation and trust in every component of the supply chain.
Nearly 60% of CEOs said they have no visibility into their employees’ password practices, according to recent research. Less than half of SMEs had any password policies in place, meaning many employees are likely to rely on bad practices like using the same password across multiple accounts and using defaults and easily compromised passwords like ‘1234’.
While it might be frustrating that most business’ biggest weakness is probably their employees, SMEs can take steps to mitigate the risks of data breaches. Simple password management systems and investing in anti-virus software could make all the difference. The same research found that 69% of London’s SMEs have outdated software and 25% have no form of anti-virus system.
Then there’s the requirements imposed by end clients in a supply chain, who may specify vulnerability scans and security management programmes be implemented, alongside a raft of physical and virtual measures, to keep their data secure.
While an average data breach might cost an enterprise $1.23m and an SME $120k, that might be enough to bring most small businesses to their knees, as well as potentially severing relationships with suppliers and clients.
Finding the right security systems and processes is therefore worth the investment. With over 25 years’ experience helping small businesses in London and the south east succeed, we’re well placed to help you navigate cyber security and decode your clients’ security requirements.
Get in touch to find out how we can improve your resilience.