The Blog

Featuring fresh takes and real-time analysis from HuffPost's signature lineup of contributors

Mike Foreman Headshot

Government throws spotlight on small firms in fight against cybercrime

Posted: Updated:

Cybercrime remains one of the greatest threats to UK business. Latest government figures calculate that it costs the country £27bn each year, with £21bn of that cost shouldered by business.

When it comes to the types of enterprises targeted by criminals you may be surprised to hear that small to medium sized businesses bear the brunt of the activity, taking 40% of all targeted attacks. Moreover the cost of cyber breaches to individual businesses looks set to rise.

The EU has introduced a new directive designed to increase cyber security across the majority of businesses in the EU. While the intention of the directive is to help small businesses, many fear it is simply adding expensive red tape, the cost of which will be hard to meet.

The Directive will require huge swathes of companies across Europe to tell regulators each and every time they have a data breach. Not only does putting things right cost money, around 6 per cent of turnover on average, it will soon do reputational damage by forcing companies to reveal relatively insignificant breaches.

The Directive is part of a wider drive by the European Commission to battle cybercrime. It is thought that by enforcing 'high common level of network and informational security' that a strong level of trust will be created and crime will diminish.

Regulators already require telco businesses to report any data breach but the Directive opens this out to many more.

The list of sectors which must adopt EU standard security and report any breach now also includes energy, transport, banking, stock exchange, healthcare, ecommerce, social networks and public administrations. There aren't many companies which don't fall into these categories.

With this is mind, small businesses up and down the country must pay extra attention to cyber security or risk facing higher costs than necessary. They must do everything in their power, starting with robust business internet security, to avoid costly breaches in the first place.