Cyber crime is the fastest growing area of criminal activity in the UK and businesses must act quickly to make sure they are protected, a Shropshire business consultancy firm warned today.
Jason Perry, a partner at The Business Company, based near Shrewsbury, said businesses must be aware of the danger of cyber crime attacks and the effect it could have on their work.
He said: “Few businesses remain untouched by the digital revolution.
“Across the world, there are now over two billion Internet users and over five billion mobile phone connections.
“Every day we send 294 billion emails and five billion SMS messages.
“With over 91 per cent of UK businesses now having Internet access, businesses today are almost entirely dependent on the continued availability, accuracy and confidentiality of their information and communications technology.”
Mr Perry said cyber criminals were able to exploit the speed, convenience and anonymity that modern technologies offered to attack businesses’ critical computer data and systems.
He said: “This can lead to large scale identity theft, online fraud, virus attack, email scams, spyware, financial theft, customer data loss, money laundering and intellectual property theft.
“The Cabinet Office has estimated that cyber crime costs the UK economy £27 billion a year, with UK businesses accounting for almost three quarters of this amount.”
Mr Perry warned that historically cyber crime was seen as primarily an issue for large corporate companies but now criminals are seeing small and medium enterprises (SMEs) as an attractive and vulnerable alternative.
He said figures from the Information Security Breaches Survey in 2013 showed that 87 per cent of SMEs had a security breach, 63 per cent were attacked by an authorised outsider and 23 per cent were hit by a denial-of-service attack.
Mr Perry said the most practical and effective way for a business to protect against cyber attacks was to implement and adopt an information security policy to cover information systems and controls.
He said: “This will ensure a systematic approach is taken to protecting your business’ information and is ideally done to ISO 27001 standards – an internationally recognised certification.
“Having the standard in place not only provides the assurance that information security controls are in place but it also tells existing and potential customers that the business has defined, assessed and put appropriate controls in place to manage its information security risks.
“Recent reports indicate that more than 68 per cent of UK businesses when putting forward an RFP or completing a pre-tender questionnaire have been requested to demonstrate they meet ISO 27001 or an equivalent level of standard.
“ISO 27001 is therefore a valuable commodity, providing a clear competitive advantage and statement to customers, suppliers, partners, authorities and of course potential investors that your business operates a secure information management system.”