Skip to main content

Small Businesses in Coventry and Warwickshire are Sleepwalking into Cyber Danger

31 May 2017

Small businesses in Coventry and Warwickshire are sleepwalking into danger when it comes to cyber security. That’s the warning from Helen Barge, owner of Leamington based Risk Evolves, which helps businesses identify, manage and mitigate risks, enabling them to maximise opportunities.  One major risk facing all organisations is that of cyber.

Ms Barge is urging SMEs to ensure their IT security is as robust as it can be following the recent, highly publicised, ransomware attacks on the NHS, with similar style attacks predicted over the next few months. Additionally, IT security needs to be tight in preparation for the new EU General Data Protection Regulations that come into force next year, bringing with it fines of up 20 million Euros (£17million) or four per cent of global revenues if a data breach occurs.

She warns that small businesses responsible for data breaches could be caught in double jeopardy as the new law widens to hold everyone in the supply chain responsible. This could lead to the larger companies which share data with SMEs, seeking damages from smaller firms to recoup some of the penalties they may incur as a result of data breach. That’s on top of any financial penalty from the UK government’s Information Commissioner’s Office.

Ms Barge said: “If you are a small company supplying a larger business and you have access to or are provided with information about their Clients or employees, you need to think very carefully about how you protect that data.

“From finance to CCTV,  data is captured in many forms and is often maintained on the same IT infrastructure. This makes it much easier for hackers who deliberately target vulnerable IT systems.

“We also all work outside of the office and access data via mobile phones, laptops and tablets using public wifi in cafes, hotels and so on. Criminals know that many of us fail to take basic steps to secure access to systems in these environments and will therefor look to infiltrate to get to our information.”

Ms Barge is urging SMEs in Coventry and Warwickshire to understand their IT vulnerabilities and security checked and verified.

Her advice is to independently check your IT systems and to ask suppliers, big and small, for evidence of IT security such as the government backed Cyber Essentials (CE) certificate or ISO27001. The CE scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyberattacks. https://www.cyberaware.gov.uk/cyberessentials/docs.html

CE performs an ‘MOT’ type annual assessment on any organisation. It costs £300 and is renewed annually.

Criminals target businesses with vulnerable systems, people with weak passwords or employees through viruses and ransomware. Cyber Essentials shows how to protect against all these vulnerabilities.