Business owners must be fully educated in the fight against cybercriminals, says Ward Hadaway
12th February, 2018
Business owners must be fully educated in the fight against data breaches, hacking and phishing scams, according to a leading law firm.
Gareth Yates, Commercial Partner at Ward Hadaway in Leeds said many small business owners think an attack will never happen to them or that they only happen to bigger businesses. The reality is that cybersecurity is an issue for businesses of all sizes and should no longer be seen as just an issue for IT departments.
His comments come as the build-up continues to the Yorkshire Fastest 50, the annual run-down of the fastest-growing privately owned companies in Yorkshire which Ward Hadaway sponsors and organises in association with The Yorkshire Post.
According to figures issued by the Office for National Statistics, 68% of small business owners had no formal security plan, despite around 85% owning a website.
With such little security or planning, the figures reveal 5.4 million UK SMEs are hit by cybercrime more than seven million times a year.
As well as costing companies millions of pounds, these cybercrime attacks are also costing the UK economy. According to The Federation of Small Business (FSB), attacks on small businesses cost the economy a huge £5.26 billion.
Mr Yates said: “Smaller businesses have limited resources, time and expertise to deal with these increasingly sophisticated digital attacks. Many believe they are too small or perhaps have nothing worth stealing to be a victim of a cyber-attack.
“They need to think that cybersecurity is no longer just an issue for a firm’s IT department, it’s now a priority for the board and business owners. Technology is vital to the running of every business in today’s society and therefore cybercrime is a risk no matter what size or industry a company operates in. Cybercriminals will target the most vulnerable and this often puts smaller businesses onto their radars.”
He added that data is one of the main ways that hackers steal from companies, whether it is stealing banking information, credit card details or employee information.
He said: “This is all highly confidential information, and if it’s stolen, it can be detrimental not just to a business, but also to employees and customers. A good reputation is often a company’s most prized asset, but it can be compromised with a data breach.”
Mr Yates added that in the event of a data breach, it is important to have the right professionals on board to help a business recover.
He said: “If your data is breached you will need to consider reporting the breach to the Information Commissioner’s Office (the UK data protection regulator). The threshold for reporting breaches is going to be lower come 25 May 2018 when the new data protection laws take effect. Breaches can result in fines or other sanctions from the regulator, but often the greatest harm is damage to your brand and dealing with the remedial costs flowing from a breach, such as external consultancy costs or paying compensation to individuals.
“Therefore the education of employees on the importance of cybersecurity is vital because even the biggest businesses can be undone by simple cyber attacks such as an employee opening spam email containing a virus.
“Educating employees on the importance of appropriate cyber security measures is becoming increasingly important. Having a formal company policy addressing cybersecurity and providing annual training to staff is a good start.
“Businesses should also have a contingency plan ready to deal with a cybersecurity incident if they are attacked. Knowing what to do quickly is essential if you are a victim and being able to respond to an incident quickly can mitigate the damage.
“At Ward Hadaway, we have held many seminars to educate small businesses on the pitfalls of cyber crime because we know that many data breaches are caused by human error and business owners should take measures to ensure there are no insider threats. We believe all staff should be trained in the best practices of cyber security.
“Customers will increasingly be mindful of a business’ reputation when it comes to the security of their data, so addressing this issue properly will put you ahead of the competition and hopefully avoid you incurring unnecessary expense after a data breach.”
The Yorkshire Fastest 50 2018 takes place at Aspire in Leeds on Friday, 16th March with guest speaker Keir Starmer, the Shadow Secretary of State for Exiting the European Union.
Please note that this briefing is designed to be informative, not advisory and represents our understanding of English law and practice as at the date indicated. We would always recommend that you should seek specific guidance on any particular legal issue.
This page may contain links that direct you to third party websites. We have no control over and are not responsible for the content, use by you or availability of those third party websites, for any products or services you buy through those sites or for the treatment of any personal information you provide to the third party.