90% of UK businesses risk cyber-attacks and fines due to IT weaknesses
Two years of economic turbulence and supercharged adoption of new digital solutions and technologies have put the UK’s small to medium sized businesses (SMEs) in a continuously precarious position – and new data shows just how vulnerable they are.
Data from Konica Minolta has revealed that around 90% of SMEs are risking significant fines and reputational damage due to potentially fatal weaknesses in their IT and data management and compliance.
The data security vulnerabilities varied from data protection issues (such as insecure storage of financial details) to unsecured personal data, covered by lock tight GDPR laws and therefore can cause massive fines. Many were also found to lack essential software updates and patches, not only for endpoint hardware but also on servers containing all core data systems – and therefore the ability to avoid downtime and keep operations functioning.
This paints a bleak picture in any context. However, the cyber landscape, with its ever-growing rate of crime, as well as the fact that SMEs are now seen as far more of a valuable and worthy target than they once were, combines to ensure a constant and growing supply of cyber risks for Britain’s businesses.
Data from Check Point shows that there has been a 50% increase in global cyberattacks per week on corporate networks in 2021 compared to 2020. The results highlight the industries with the highest number of cyberattacks: the education and research sectors increased the most, with a jump of 75%. Government sector attacks saw a 47% increase, while attacks on healthcare organisations increased by 71% in 2021. Communications (51%) and ISP/MSP (67%) were also in the top five most-targeted sectors. Europe was the most targeted global region, with attacks increasing by 68%. North America followed with 61% and Latin America with 38%.
Erik Sönnerskog, head engineer at zsah, a leading managed-IT company, discussed what these vulnerabilities mean for Britain’s SMEs:
“Everyone knows or should know that cybersecurity is a hot-button issue right now, and for a good reason – however, the sheer number of threats and vulnerabilities out there is astonishing.
What is particularly surprising is that it is not just the cybersecurity practices of IT teams and those working from home that need to be reinforced and prioritised, but also data compliance. How and where organisations store data is often as or more important than the walls of security we put this data behind – as failure to do so risks not criminal damage, but certified monetary and reputational loss.”
Erik continued: “Of course – this is easier said than done. The rush to digitise to support workers who could only work from home and the fact that smaller and smaller businesses, with fewer resources, are having to devote time and resources to digital transformation, has increased the number of operations and data held online – potentially without the right protections.
Business who may struggle to manage their own IT resources should consider outsourcing to experts who can manage their digital transformation and fully commit to ensuring cybersecurity and data compliance. For many, this may be the best way to stay protected and avoid criminal or regulatory damage.”