NAN - Fotolia

SMEs failing to deal with security face losing contracts

Failing to deal with a security breach is not just bad for brand but could have serious implications on SME supplier relationships a survey from KPMG has revealed

With the debate in a couple of days on the Government's latest attempts to get more powers to snoop on the cyber activities of citizens the subject of security is going to remain on the front pages for a while longer.

All of last week thanks to the TalkTalk hack the issue was barely off the agenda and there was also the first Security Serious event to remind businesses why some of their peers are getting their act together fending off cyber attacks.

By now most users are aware that personal data is a commidity much sought after by hackers and the chances of a business, regardeless of size or revenue, being attacked is now a near certianty.

The danger with all this current focus on security is that the customer will become weary of the constant exposure to the issue and those channel players out there at the coalface could find it a challenge getting people engaged with the sales pitch.

KPMG might just have helped on that score with a piece of research that highlights some of the risks associated with failing to increase cyber security.

The firm has found that those SMEs that did not come up to scratch with their security are likely to lose out when supplier contracts are awarded.

Procurement managers are almost universally in agreement that cyber security standards are a key consideration when they come to awarding a contract to an SME.

A significsant number, 86%, would go as far as removing a supplier if they suffered a data breach and already two thirds demand a demonstration of cyber accreditations, like the ISO27001 or PCI DDS.

George Quigley, partner in KPMG’s cyber security practice, said that security was not just a technical issue but now had serious business implications.

“Larger companies are placing an increased emphasis on the cyber security of their suppliers and increasingly the onus is on SMEs to show that they are tackling this issue head on," he said.

“Unfortunately many SMEs still take a blasé approach towards cyber security and mistakenly don’t see themselves as targets of cyber criminals. Unless these organisations take a more mature approach towards cyber security now, they face the risk of being frozen out of lucrative supplier contracts," he added.

KPMG expects the pressure on SME suppliers will continue as more firms try to ensure that the supply chain is not going to become a source of cyber vulnerability.

“In order for businesses to be awarded some public sector contracts they already have to demonstrate a certain level of cyber maturity and this is increasingly becoming the norm in the private sector as well," added Quigley.

At the moment just shy of the contracts being awarded to suppliers state that a hack has to be declared but that number is expected to rise.

From a channel perspective events like the TalkTalk hack put security in the spotlight but it is the ramifications that a breach could have on business that is going to get customers concentrating on the issue.

Read more on Sales and Customer Management