Gareth Yates, a commercial partner at Ward Hadaway in Leeds, said many small business owners mistakenly believed that only large companies will be targeted by cyber criminals.
The reality is that cyber security is an issue for all businesses and should no longer be seen as just an issue for IT departments, Mr Yates said.
His comments come as the build-up continues to the Yorkshire Fastest 50, the annual run-down of the fastest-growing privately owned companies in Yorkshire which Ward Hadaway sponsors and organises in association with The Yorkshire Post.
According to figures issued by the Office for National Statistics, 68 per cent of small business owners have no formal security plan, despite the fact that around 85 per cent of smaller firms own a website.
The figures also reveal that around 5.4 million UK SMEs are hit by cybercrime each year. According to The Federation of Small Business (FSB), attacks on small businesses cost the economy £5.26 billion.
Mr Yates said: “Smaller businesses have limited resources, time and expertise to deal with these increasingly sophisticated digital attacks. Many believe they are too small or perhaps have nothing worth stealing to be a victim of a cyber-attack.
“They need to think that cyber security is no longer just an issue for a firm’s IT department, it’s now a priority for the board and business owners.
“Technology is vital to the running of every business in today’s society and therefore cybercrime is a risk no matter what size or industry a company operates in.
“Cybercriminals will target the most vulnerable and this often puts smaller businesses onto their radars.”
Hackers are often keen to steal banking information, credit card details or employee information. Mr Yates said: “This is all highly confidential information, and if it’s stolen, it can be detrimental not just to a business, but also to employees and customers.
“A good reputation is often a company’s most prized asset, but it can be compromised with a data breach.”
Mr Yates added that in the event of a data breach, it is important to have the right professionals on board to help a business recover.
He said: “If your data is breached you will need to consider reporting the breach to the Information Commissioner’s Office (the UK data protection regulator).
“The threshold for reporting breaches is going to be lower from May 25 2018 when the new data protection laws take effect. Breaches can result in fines or other sanctions from the regulator, but often the greatest harm is damage to your brand and dealing with the costs flowing from a breach, such as external consultancy costs or paying compensation to individuals.
“The education of employees on the importance of cyber security is vital because even the biggest businesses can be undone by simple cyber attacks such as an employee opening spam email containing a virus.” The Yorkshire Fastest 50 2018 takes place at Aspire in Leeds on Friday, 16th March with guest speaker Sir Keir Starmer, the Shadow Secretary of State for Exiting the European Union.
The event, which has been run by Ward Hadaway and The Yorkshire Post since 2011, celebrates the fast growing firms that are helping the region’s economy grow.
Educating employees on the importance of cyber security measures is becoming increasingly important, according to Gareth Yates of Ward Hadaway.
He added: “Having a formal company policy addressing cyber security and providing annual training to staff is a good start.
“Businesses should also have a contingency plan ready to deal with a cyber security incident if they are attacked. Knowing what to do quickly is essential if you are a victim and being able to respond to an incident quickly can mitigate the damage.”
Many data breaches are due to human error, Mr Yates said.