Majority of UK SMEs Lack Cybersecurity Policy

Security

More than two-thirds (69%) of UK small and medium enterprises (SMEs) lack a cybersecurity policy, according to figures from specialist insurance firm Markel Direct.

The research identified a significant lack of basic cybersecurity measures and hygiene in place across these companies.

This included 43% admitting that their employees are not trained on best practices and potential threats, while just 35% encourage their employees to update passwords.

Additionally, only around half (52%) of SMEs use multi-factor authentication (MFA).

Regarding security tooling and software, 72% of SMEs said they have antivirus/anti-malware software in place, 49% have email filtering for spam and phishing emails, 47% have a firewall and 46% have secure Wi-Fi networks.

Under half of surveyed companies conduct regular data backups (46%) and have data encryption (44%).

More than two-thirds (69%) regularly update system software.

The survey of 500 SMEs also found that half (49%) would not know what to do in the event a cyber-attack.

A similar proportion (53%) do not have cyber insurance in place in case of a breach.

When asked how they secure company data when accessed by employees working from home, 52% of SMEs said they use virtual private network (VPN) access, 48% train their employees on secure remote work practices and 46% have remote access policies and controls in place.

Biggest SME Cybersecurity Concerns

The biggest cybersecurity concern for UK SMEs for the future was the increasing sophistication of cyber threats (62%), fuelled by AI and other emerging technologies.

This was followed by securing remote work environments (23%), ransomware and other forms of malware (22%), emerging technologies and their implications (21%), insufficient budget/resources for cybersecurity (19%) and vulnerabilities associated with third-party vendors and suppliers (19%).

Rob Rees, Divisional Director of Markel Direct, commented: ‘Staying ahead of cyber threats is crucial for small business owners, especially as AI-driven attacks continue to evolve. Having a robust cybersecurity policy in place can help create a framework to safeguard against ongoing threats, whilst cyber insurance can help to protect your business in the event of a targeted attack.”

A survey by JumpCloud in July 2024 found that 49% of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats.

Products You May Like

Articles You May Like

New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60%
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Global Campaign Targets PlugX Malware with Innovative Portal
Atos Group Denies Space Bears’ Ransomware Attack Claims
Cryptomining Malware Found in Popular Open Source Packages

Leave a Reply

Your email address will not be published. Required fields are marked *