Wylie & Bisset is urging SMEs to seek cyber security advice in the wake of a spate of major data breaches, cyber-attacks and changes in data legislation.
A recent cyber report highlights that the risk to UK SME’s is real and significant and that there is much to do in order to educate businesses and raise awareness of the threats that exist. It suggests that better awareness, training and process is needed to help business owners know what to do and what not to do in the event of a cyber loss.
Graham Gillespie, partner at Wylie & Bisset, said: “Cyber security refers to the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorised access.
“Amongst the challenges is a lack of IT governance around systems and data, as well as a lack of documentation for processes, policies and controls to manage IT systems and data within an organisation.
“Staff training is another big issue. There is a definite lack of effective staff training on security awareness and best practices on how to spot or deal with the likes of phishing or social engineering attacks. Better awareness training for staff can help to spot attacks.
“Our experience is that too many businesses adopt a head-in-the-sand mentality rather than seek advice. This is often a case of not wanting to take time away from ‘the day job’ and client work or worrying about the cost of security solutions. On both counts, that really is a false economy – especially if your systems are hit by a cyber-attack.
“High-quality security solutions are worth the investment; not only to head off possible attacks, but to improve your processes and procedures. Taking a cold, hard look at cyber security should involve looking carefully at your processes and seeing if they can be improved.”