Smaller firms urged to tighten cyber security (From Ledbury Reporter)

Smaller firms urged to tighten cyber security

1:30pm Tuesday 10th April 2012 in Ledbury & Malvern Business News By Mike Pryce

SMALL and medium-sized businesses could be leaving themselves and their partners exposed to computer hackers because of a lack of understanding of information systems, a Worcester IT specialist claims.

Richard Henson, a leading UK cyber security specialist, is warning organisations to get more savvy in a bid to save themselves money and protect their businesses against cyber crime, which is estimated to cost the country £27 billion a year.

Mr Henson is an adviser to Key IQ, which runs the Malvern Cyber Security Group, and is a senior lecturer in computing at the University of Worcester.

He advocates a new independent scheme, Inform-ation Assurance for SME, aimed at encouraging small and medium sized enterprises to develop more robust systems.

He also recommends penetration testing, because hackers are using ever more devious methods to gain access.

“Most small businesses now have digital information systems,” he said.

“Many are online, and taken together, SMEs form a large part of the national information infrastructure of the UK.

However, the limited resources of smaller companies mean that they are often unable to focus as closely as they may wish on what may be perceived as peripheral activities, including information assurance.”

Mr Henson, who last month gave a presentation at a cybersecurity workshop for small businesses in Malvern and participated in a major cybersecurity showcase event in Brussels, both organised by the Cyber-Security Knowledge Transfer Network, said SMEs faced losing contracts to major companies if their information security systems were not up to scratch.

He warned they could potentially face losing thousands of pounds through lost trade should their computer systems become infected, or if hackers are able to access financial information.

“The difficulty lies in the many supply chains that are all linked via computer systems,” he said.

“If just one of those companies in the chain has a flaw in its security, there could be a major knock-on effect for all the other organisations it works with.”

He added: “There is evidence that focused attacks on the nation’s information infrastructure are already moving from the previous targets of larger companies (with dedicated resources for protection) to poorly defended SMEs who provide quicker wins.”