Channel playing increasing role in delivering SME security

The channel is playing an increasing role in helping small businesses manage their security risks as the latest breaches report reveals attacks have risen again

A few years ago SMEs felt that cyber attacks were only problems for the larger enterprise customers and they could cope with standard tools to make sure that staff did not accidentally download viruses and open up the network to threats.

But over the last couple of years it has become clear that the key market for the channel is also one that is being targeted by cyber criminals and the level of attacks are rising.

The latest Information Security Breaches report indicates that the number of attacks on small businesses has gone up and the cost of the worst breaches has doubled compared to last year.

The sobering findings will be good news for the channel because the report also indicated that customers were becoming more aware of security risks and looking to outsource the responsibility to service providers where possible.

Richard Horne, partner cyber security at PwC, said that the latest report indicated that businesses of all shapes and sizes were firmly in the sights of cyber criminals looking to get hold of sensitive data.

"A breach is pretty much inevitable for a UK organisation in today's world. Dealing with breaches is now just a part of life," he added that there were more targeted attacks that had the potential to cost businesses more in costs.

"The majority of firms are expecting more breaches next year and if you look at the cost of the worst breach it has more than doubled from a year ago," he said.

Chris Potter, partner at PwC and the founder of the breaches report, said that over the decade and a half it had been charting the market it had found that breaches had increased and both large and SME sized organisations were being hit in similar ways.

Main findings

* 90% of large organisations and 74% of small firms had a breach last year, up from 81% and 60%
* Small businesses suffered four data breaches last year on average
* The cost of a breach for a small business is between £75k to £311k, up from £65k to £115k last year
* Security spending increased by 44% in small businesses last year and 7% expect that trend to continue
* Human error is still a massive issue with 31% of small firms suffering a staff related breach last year

He identified three main problems that had persisted as issues that firms needed to deal with, including malware, hacking from outsiders as well as data loss and leakage.

The final point often occured because of human error and the advice to users was to increase the awareness of cyber security not only among staff but also to increase the knowledge of risks in the board room.

Giles Smith, deputy director, cyber security and resilience, BIS, filled in for Ed Vaizey MP, the minister for culture and digital economy, and said that the government was determined to make the UK the safest place to transact business online.

"It is a mixed picture and whilst it is disappointing to see that the number and cost of breaches has increased there are also some positives," he highlighted the number of firms that had increased training and taken steps to improve their employee awareness about threats.

For resellers specialising in security the headline findings in the report will not come as a surprise but it will be encouraging to discover that the amount of expenditure on using external specialists also continues to rise.

The report found that processes including email, website maintenance, finance and accounting and payroll have all been functions that have been outsourced with increasing regularity over the last couple of years.

Customers also continued to seek advice from resellers, vendors and government bodies when it came to getting some guidance on how to deal with the cyber threats and improve their defences.

Read more on Managed IT Services