Staff IT misuse causing major headaches for West Midlands SMEs
MORE than 70% of Midlands businesses experienced security breaches of their IT systems because of staff misuse, new figures have revealed.
Staff attempting to use someone else’s credentials or passwords, misuse of confidential information and breaching data protection were among the breaches identified in a new report on cyber security.
And around 80% of businesses in the region experienced malicious software infections, according to the Information Security Breaches Survey carried out by accountancy firm PwC.
IT expert Chris Pallett, managing director of Telford-based Bespoke Computing, has been advising business on IT security for more than a decade. He said the report showed that nationwide, 74% of small businesses had a security breach that could cost from £75,200 to £310,800.
“Worryingly, the number of breaches has also increased in the last year and the cost doubled. We’ve analysed the report, and can see from the data that firms in Shropshire and the Midlands are experiencing unnecessary unauthorised breaches,” he said.
“This may be a simple fix such as ensuring a password is as secure as it can be, to making sure that firewalls are constantly updated to ensure that the latest viruses cannot gain a foothold on IT systems.
“However, it is often assumed by businesses that the major threat is coming from outside of their presumed secure servers, but as the figures for the Midlands show, it is staff who may be responsible, either knowingly or not, for security breaches.”
He stressed that cyber security was not an IT issue, it was a business issue and ultimately an economic one.
“We need to have secure systems and processes in order to increase productivity and growth,” he added.
The Government has announced an investment of £860m in the National Cyber Security Programme (NCSP) to protect and promote the UK.
As well as a new voucher scheme announced in July to offer up to £5,000 worth of IT security support to SMEs, businesses are being urged to adopt Cyber Essentials – the joint industry and Government scheme launched last year setting out clear basic standards for cyber security.
“Many of my clients, as well as firms including the likes of Vodafone, Barclays, GlaxoSmithKline, and the National Grid, are already using Cyber Essentials – which offers best practice guidance for all firms,” he said.
