Adam Marshall, Director General of the BCC, warned that businesses should be mindful of an extension to data protection regulation coming into force next year.
Large businesses are more likely to become the victim of a cyber attack than their smaller counterparts, but all types of companies need to ramp up security defences, according to a report by the British Chambers of Commerce. The results of a survey of more than 1,200 businesses across the UK conducted by the BCC and published on Tuesday show that 20 per cent of respondents had been hit by a cyber attack in the last 12 months.
The difference between companies with over 100 staff and those with fewer than that was stark, though, with a total of 42 per cent of larger businesses reporting being hit and only 18 per cent of the smaller.
Nonetheless, Adam Marshall, Director General of the BCC, said that all needed to shore up their defences as cyber crime becomes more prevalent and aggressive. “Cyber attacks risk companies’ finances, confidence and reputation, with victims reporting not only monetary losses but costs from disruption to their business and productivity,” he said.
He warned that businesses should be mindful of an extension to data protection regulation coming into force next year, which will increase companies’ responsibilities and requirements to protect personal data. “Firms that don’t adopt the appropriate protections leave themselves open to tough penalties,” he said.
Last week, a study commissioned by cyber security firm CGI and conducted by Oxford Economics, found that companies’ share prices fall by an average of 1.8 per cent on a permanent basis following a severe cyber security incident – where large amounts of sensitive information is compromised. This means a typical FTSE 100 firm is worse off by an average of £120m after a breach, according to the study.
Earlier this month, online lender Wonga became the latest in a string of companies to discover that customer information had been compromised. It’s thought that Wonga’s breach could affect up to 270,000 current and former customers. In November last year, thousands of Tesco Bank accounts were compromised, and a cyber attack on phone company TalkTalk in 2015 resulted in a £400,000 fine from the ICO for security failings which led to the theft of personal data of almost 157,000 customers.
Tuesday’s survey by the BCC also showed that 21 per cent of businesses perceived the threat of cyber crime to be hampering company growth, but only 24 per cent said that they have cyber security accreditations in place. It showed that after an attack, businesses are most reliant on IT providers to resolve issues, compared to banks and financial institutions or police and law enforcement.
In a similar vein, the BCC earlier this month warned of the consequences UK companies face if they fail to tackle digital skills deficiencies within their workforce. The BCC said that three in four UK businesses have reported a digital skills shortage among their employees, despite 84 per cent of firms admitting that digital and IT skills are more important to their enterprise now than two years ago. “The evidence is clear: better digital skills make firms more productive, and a lack of digital skills holds them back,” Mr Marshall said at the time.
Author – Josie Cox