Four in ten Scots firms 'do not feel prepared for cyber attack'
Nearly four in ten Scottish businesses do not feel prepared for a cyber attack, prompting “cause for concern”, according to the Scottish Business Resilience Centre (SBRC).
The study also revealed that two thirds of those surveyed believe cyber security has become more important for their business over the past year.
The Linlithgow-based organisation said the findings come one year after the National Cyber Security Centre (NCSC) relaunched Cyber Essentials, a government-backed scheme to help organisations become better protected against such attacks, with cyber security specialists IASME Consortium as its partner.
The course claims that businesses that become Cyber Essentials-certified can prevent or limit the fallout from up to 80 per cent of common cyber attacks.
More than 250 Scottish business-owners, chief executives, and people who work in IT were surveyed in April as part of the SBRC-commissioned research, revealing that about 80 per cent were aware of Cyber Essentials – but only 54 per cent knew the benefits it can bring to an organisation.
The SBRC also said some UK government contracts now require the certification and other organisations may prefer to work with certified companies. “As a result, 37 per cent of businesses whose company is not Cyber Essentials or Cyber Essentials Plus certified believed that they have lost out on business as a result,” it said.
SBRC chief executive Jude McCorry said: “We’ve seen the number of cyber attacks rise over the past year, and a change in the type of attack as cyber criminals seek to take advantage of our increased reliance on technology while working remotely.
"It’s not a case of ‘if’ your systems will be attacked, but ‘when’ – so it’s vital that business-owners go on the offensive and prepare themselves, particularly as the majority of attacks are basic in nature and can be prevented. Learning that so many businesses aren’t confident in how they can prevent attacks is cause for concern.
“Cyber Essentials is a simple way for business-owners to become more aware of their cyber processes, and accreditation demonstrates to their customers and suppliers that they take their cyber resilience seriously.”
Ms McCorry, who has more than 20 years’ experience in the technology sector and was previously director of business development at The Data Lab, added: "Improving your cyber defences could mean the difference between your company surviving a cyber attack or losing all your systems and data.”
IASME chief executive Emma Philpott also commented: "We are pleased to be able to work in close partnership with the SBRC and support their activity with spreading awareness of cyber activity throughout Scotland. By offering crucial support and advice to Scottish businesses, they are making the UK a safer place to do business."
SBRC is a non-profit organisation that started out as the Scottish Business Crime Centre in 1996, and was renamed in 2013 to reflect its broader remit. It is funded by a range of private and public partners including the police, Scottish government, Association of Scottish Clearing Banks, the drinks industry, and Scottish Fire and Rescue Service.