Just One Third of UK’s Small Firms Have Security Strategy

A third of the UK’s small companies have no cybersecurity strategy in place, according to new research designed to raise awareness among the business community. Membership organization Business in the Community (BITC) commissioned YouGov to poll over 1000 employees from small and medium-sized businesses about their attitudes to cybersecurity. While 30% of small firms with under 50 employees claimed not to have a security strategy in place, the number fell to just 4% for medium-sized business (50-249 employees). Equally concerning is the fact that just over a third (35%) of SMBs said they had a basic data protection policy in place, while even fewer (29%) claimed to have a policy for controlling access to systems. This is despite the advent of the GDPR almost a year ago, which could levy fines for non-compliance. An estimated 59,000 businesses across the EU had reported security breaches to regulators as of February, according to DLA Piper.