Three out of every four SMEs 'have been hit by cyber attacks'

As many as three in four SMEs have suffered an online security breach, with the average cost of a cyber attack now valued at £75,000, research shows.

Dr Simon Parkinson, an informatics lecturer in the University’s School of Computing and Engineering said firms had to accept that at some point they will be targeted and to make themselves ready.

He cited research which showed small businesses were by far the most at risk from cyber criminals and referred to recent figures which showed a 144 per cent increase in successful cyber-attacks on businesses.

Sign up to our daily newsletter

The i newsletter cut through the noise

Cyber attacks were estimated to have cost UK business as much as £32bn in 2015, with that figure likely to be higher for this year.

Cyber crime alert

Dr Parkinson, who was one of the organisers of a symposium for SMEs on the increasing menace of cyber security, also warned that there is now a serious shortage of people with the skills to counter the cyber threat. The university plans to address this issue by making cyber security modules a compulsory component of all computer science courses.

In conjunction with a Government-backed organisation, the university has held a successful symposium named Cyber Security: Addressing the threats for your business.

Representatives of more than 30 companies from a variety of sectors came to hear a range of talks on aspects of an increasingly urgent topic.

Dr Parkinson said: “We had some companies that had problems and some that had solutions.

Cyber crime alert

“They passed on best practice guidelines on how to address a cyber threat.

“A lot of it is common sense, such as making sure your systems are up to date, but one thing that came out is that you should assume it is going to happen to you – not the opposite way around.

“Don’t brush it aside, thinking that it will never happen to me.

“The statistics show that you will suffer some kind of cyber attack. If you fail to plan, then you plan to fail.”

The UK Government recently announced an investment of £1.9bn to keep the country’s cyberspace safe, and in addition to closing the skills gap it also see automation as a key part of the solution.

In addition to its cyber security research and teaching, the University of Huddersfield has also invested £200,000 in a Secure Societies Institute that has cyber crime as one of its priorities.

The aim is to share the University’s expertise by forming collaborations such as Knowledge Transfer Partnerships with firms.

The advantage to companies is that they access the University’s multidisciplinary expertise without incurring heavy research and development costs.

The last 18 month have seen a number of high profile cyber attacks on large companies with Talk Talk, Yahoo and Tesco all being subjected to substantial breaches of its servers and the data contained therein.

Talk Talk was handed a record fine of £400,000 for failing to provide its customers with adequate protection by the Information Commissioners Office and businesses are soon to be subjected to more stringent penalties if they are attacked.

From May 2018 the General Data Protection Regulation (known as GDPR) will mean the maximum fine a firm can be handed will rise from £500,000 to the greater of €20m or four per cent of the firm’s annual turnover.

And although the regulation is a European Union order, Article 50’s imminent invocation in the Spring will mean that its coming into effect will happen prior to the end of the two year negotiating period.

Even then, UK businesses will continue to sell good and services into the European Union, which will still be subject to GDPR, as well as monitoring EU citizens via matters such as online tracking sales.