With a 40% rise in cybercrime reported last year*, new research from financial and business advisers Grant Thornton worryingly reveals that over a third of local businesses still don’t have a strategy in place to mitigate the risk of a digital attack.
Grant Thornton’s survey of businesses across the East Midlands found that 73% perceived cybercrime to be a realistic threat to their organisation while 38% had already been targeted by an attack.
However, 39% of respondents said they have no plans in place to prevent cybercrime; 29% remain uninsured against digital crime and a further 33% have no business continuity strategy in place in the event of a severe cyber attack, leaving them vulnerable to the consequences – which can be far-reaching.
Cybercrime is a digital attack on an individual or organisation with the aim of obtaining valuable information or causing damage to a website or online platform. This can be through hacking, when data is stolen, or phishing, when fraudulent emails are sent in attempt to get individuals to reveal personal information online, such as passwords and credit card details.
Grant Thornton’s research comes on the back of further evidence which shows a third of cyber attacks carried out during 2015 were directed at small and medium sized businesses**, highlighting that no company is immune to the threat.
Chris Frostwick, partner and practice leader at Grant Thornton’s Leicester office, said: “There have been a number of high profile cybercrimes cases directed towards large companies, such as TalkTalk and Vodafone, but we are now seeing a shift towards criminals targeting smaller and mid-sized businesses.
“Cyber attacks are an increasingly significant danger for organisations of all sizes. Not just in terms of financial penalties but serious reputational damage and loss of business. Despite this, our research shows a concerning number of local firms still lack a strategy to deal with cyber threats or even understand the risks to their organisation.
“Businesses cannot afford to be behind the curve on this. Cyber attacks can strike without warning and sometimes without the victim being immediately aware. In this digital age, rigorous security and privacy is expected. If this cannot be guaranteed the ultimate risk is that customers will simply go elsewhere.”
Grant Thornton’s research also found that just 24% of local businesses are aware of the Government’s new ‘Cyber Essentials’ scheme, designed to help provide basic protection against the most prevalent forms of internet threat. Displaying the Cyber Essentials badge enables organisations to show they adhere to government recommended security standards and is mandatory for central government contracts which involve handling personal information or providing certain ICT products and services.
Chris Frostwick continues: “Vigilance alone won’t keep businesses safe. The conversation about cybercrime should be happening at boardroom level with managers ensuring their employees are aware of the risks and are on the lookout for any suspicious activity, particularly phishing emails, which have started to become much more sophisticated in recent months. Just as critically, clients and customers also need reassurance that effective controls are in place
“Cyber attacks are a real threat and those firms who don’t have effective strategies in place to deal with the issue could be risking not only their finances but also, and very importantly, their reputation.”
Cyber security will be the hot topic for discussion at Grant Thornton’s next FD Club event which takes place on Wednesday 6th July 2016 from 8am to 11am at the firm’s Leicester office on Regent Road. For further information please contact Mayuri Dhanak at Grant Thornton’s Leicester office, Tel: 0116 247 1234, email: [email protected].
* Grant Thornton International Business Report, Grant Thornton September 2015
** Internet Security Threat Report, Symantec 2015