Around 75% SMEs were hit by cybercrime in the past 12 months, according to the government's last Information Security Breaches Survey, with the typical cost to the victim organisation being between £75,000 and £300,000
The General Data Protection Regulation ('GDPR') comes fully into force in May 2018 and represents the biggest shake up of data protection law in over twenty years.
GDPR requires businesses to demonstrate and ensure that the data they hold and process is protected 'by design', and is not retained longer than necessary. In addition, companies become responsible for reducing risk, ensuring compliance, responding to requests for access, reporting breaches and creating a secure data environment.
Fall foul of the regulation and companies could face a hefty six figure fine, so SMEs need to plan now if they hope to comply with this legislation.
In this short video, Asam Malik, cyber security director at PwC, highlights what business owners should be considering to help protect themselves.
As many as three in four SMEs have suffered an online security breach, with the average cost of a cyber attack now valued at £75,000. Dr Simon Parkinson, said firms had to accept that at some point they will be targeted and to make themselves ready. He cited research which showed SMEs were the most at risk from cyber criminals with recent figures showing a 144 % increase in successful cyber-attacks. Cyber attacks were estimated to have cost UK business as much as £32bn in 2015, with that figure likely to be higher for this year. Dr Parkinson said: "A lot of it is common sense, such as making sure your systems are up to date, but one thing that came out is that you should assume it is going to happen to you – not the opposite way around.