SMEs most vulnerable to cyber attacks

Feb 02 2006 by Nic Paton Print This Article

Smaller and medium-sized businesses in the UK have been warned they are leaving themselves wide open to electronic or online attack by failing to put in place adequate security measures.

A study by the Confederation of British Industry has found nearly two thirds (60 per cent) of medium-sized firms dealt with their suppliers, partners or clients online.

But more than half of these had no security measures in place whatsoever.

Small firms fared little better, but it was within medium-sized companies that the problem was most acute, said the CBI.

This was because they were more likely to integrate their systems with large firms as well as trade with smaller ones, so putting themselves and their supply chain more at risk.

In response, the CBI has published a government-backed IT security guide aimed specifically at small and medium-sized enterprises to give advice on how to deal with online attack, viruses and cyber crime in the supply chain.

John Cridland, CBI deputy director-general, said: "The internet is a business opportunity that many firms are seizing with both hands. So, it is a serious concern that so many medium-sized firms are leaving themselves and others open to online attack and abuse.

"These firms account for over half of UK company turnover and are large enough to win contracts with big business," he added.

Large firms expected to be able to do their online business securely and, while many medium-sized firms could not afford extensive IT systems, there were often straightforward measures firms could take to protect themselves and their customers, he suggested.

"Securing your IT is increasingly seen as an essential part of securing competitive advantage, by becoming known as a trusted online business partner. The online threat is constantly evolving so this is not a one-off exercise," he added.

Industry minister Alun Michael has backed the initiative, and called for businesses to rethink how they viewed their supply chain.

"Small and medium-sized firms are engaging ever more closely with each other and with their customers online," he said.

"In the future we will probably need to start thinking of the supply chain as being something more like a business 'eco-system', where it is all the more vital for companies to protect their information assets," he added.