Hundreds of businesses across the UK could be at risk of a cyber attack because they have little or no preventative security measures in place, a Hampshire information security professional has warned.
The Cyber Security Breaches Survey 2022 commissioned by the Government found that only 23% of businesses have a formal security strategy in place to combat cyber attackers such as phishing, malware or a ransom attack.
Hannah Wallis of Hantec Systems said that firms which have no preventative measures in place are exposing themselves to cyber attackers, particularly now so many employees are working from home or opt in to a ‘bring your own device to work’ scheme.
There are severe implications for thousands of businesses that could face a cyber attack including loss of personal and business data, loss of money and disruption to trading.
The Cyber Security Breaches survey also found that within the last 12 months 39% of UK businesses identified a cyber attack.
Hannah said it was vital every company has a formal security strategy in place to prevent cyber attacks, protect its staff and its most valuable assets.
“We are urging business leaders to implement security measures into their business. A cyber attack can have detrimental consequences for businesses, particularly small to medium sized firms. It can also be very scary for the employees involved.
“The Cyber Security Breaches Survey 2022 highlighted that not enough businesses are protecting themselves, and as compliance consultants we feel it is our duty to make people aware of the risks of cyber attacks.
“Many people and business owners think they will see a cyber attack coming and know the signs to look out for. But without a formal cyber security strategy in place a business could be increasing its risk of an attack.
“Research found that only 8% of businesses have a Cyber Essentials certification which is critical to reducing the risk of an attack. Act now before it is too late.”
Cyber Essentials is a UK certification which ensures an organisation has the minimum level of protection in cyber security. A company is certificated through annual assessments to maintain certification.