Why cyber-credentials really matter for small and mid-sized companies
12 January 2018
Around one in three SMEs have had their cyber-security precautions questioned as part of winning contracts in the last year, according to cyber-security e-learning platform CybSafe.
The study also found that 50 per cent of SMEs had cyber-security conditions included in new contracts in the last five years, while 44 per cent said they had been required by the companies to have a recognised cyber-security standard such as the ISO 27001.
Another one in seven SMEs had no cyber-security protocols in place at all, while only two in five organisations had cyber-insurance to protect against data breaches. Less than half of organisations surveyed had begun taking data protection steps ahead of GDPR implementation and around two in five of respondents would inform all customers immediately following a data breach.
Oz Alashe, CEO and founder of CybSafe, said: “High-profile data breaches such as [that of] Target, where hackers gained access to the retailer through its air conditioning supplier, have brought supply chain cyber-security to the forefront, and this has clearly struck a chord with enterprise leaders.
“Organisations are realising that it’s no longer enough to ensure their own network is secure, but they must now also pay closer attention to securing the supply chain. This is a trend we will see increase in the coming years.
“No business is an island, and so large organisations will only work with trusted vendors in the future. The SMEs that adapt their information security practices to the new landscape and demonstrate their cyber-credentials will be the most successful in the future.
“The more enterprise sees cyber-security as a value-add, the more SMEs will change online practices to become that trusted vendor.”
This article was published in our Business Reporter Online: SMEs.