A poll of 1,200 businesses across the UK has found that 20% have been affected by a cyber security breach in the past 12 months, and 21% believe the threat of cyber crime has stopped them growing.
The research, conducted by the British Chambers of Commerce (BCC), found that big businesses are far more likely to be victims of attacks - 42% of those with more than 100 employees have been attacked, compared to 18% of smaller firms.
Despite the fact that 21% of businesses believe the threat of cyber crime is preventing their firm from growing, BCC says many are still not taking sufficient precautions to protect themselves from future attacks:
- only a quarter (24%) of businesses have cyber security accreditations;
- smaller businesses are far less likely to have accreditation (10% of sole traders and 15% of those with 1-4 employees) than big businesses (47% of those with more than 100 employees);
- 63% of firms say they rely on IT providers to resolve issues after an attack, compared to banks and financial institutions (12%) or police and law enforcement (2%).
Of those businesses that do have accreditations, 49% believe it gives them a competitive advantage over rival companies, and 33% consider it important in creating a more secure environment when trading with other businesses.
"Cyber attacks risk companies' finances, confidence and reputation, with victims reporting not only monetary losses but costs from disruption to their business and productivity. Firms need to be proactive about protecting themselves from cyber attacks," said Adam Marshall, BCC director general.
From May 2018, all businesses that use personal data will have to ensure they are compliant with the new General Data Protection Regulation (GDPR) legislation.
"Businesses should also be mindful of the extension to data protection regulation coming into force next year, which will increase their responsibilities and requirements to protect personal data," added Marshall.
"Firms that don't adopt the appropriate protections leave themselves open to tough penalties. Accreditations can help businesses assess their own IT infrastructure, defend against cyber security breaches and mitigate the damage caused by an attack."