Smaller UK businesses lack digital risk awareness

• Print

Details

Published: Tuesday, 25 July 2017 09:11

Leaders of UK business small and medium-sized enterprises identify far fewer risks affecting their businesses, when compared to Germany and France, according to research for the Gowling WLG Digital Risk Calculator. This new free tool allows small and medium size businesses to better understand their digital risks and compare these to other businesses and industries.

Research informing the Gowling WLG Digital Risk Calculator was gathered from 1000 small and medium-sized enterprises (SMEs) in the UK, France and Germany. Findings revealed an overly optimistic picture among UK business leaders, when compared to the views of their European counterparts. UK respondents consistently identified between 2 and 25 percent less than non-UK respondents for each risk area analysed.

Commenting on the research Helen Davenport, director at Gowling WLG, said: "The recent wide ranging external cyber-attacks such as the Wannacry and Petya hacks reinforce the real and immediate threat of cyber-crime to all organisations and businesses. However, there tends to be an ‘it won't happen to me’ attitude among business leaders, who on one hand anticipate external cyber attacks will increase over the next three years, but on the other fail to identify such areas of risk as a concern for them. This is likely preventing them from preparing suitably for digital threats that they may face."

Respondents revealed that external cyber risks (69 percent) are thought to be the most concerning category of digital threat for businesses across all countries surveyed. This risk is anticipated to grow even further, with 51 percent of respondents believing that it will increase within the next three years.

Other digital risks of concern to participants include customer security (57 percent), identity theft / cloning (47 percent) and rogue employees (42 percent). More than a third of respondents (40 percent) also believe that the lack of sufficient technical and business knowledge amongst employees is a risk to their business.
Additionally, one third (32 percent) of UK businesses feel that digital risks related to regulatory issues have increased during the past three years. However, less than a third (29 percent) believe that regulatory issues are a risk to their business.

Data protection

Risks related to highly sensitive/valuable data are the second most prominent risk to businesses (55 percent), according to respondents. However, when asked about the GDPR, which represents the most significant change to data protection legislation in the last 20 years, only one seventh (14 percent) of UK businesses were aware of the fines they may face for failing to protect their data. In comparison, 26 percent of respondents from Germany and 45 percent % from France were aware of the maximum fine, placing UK business leaders at the back of the pack when it comes to understanding the risks posed by failure to comply with the GDPR.

Despite the identification of data risks, only 52 percent of UK businesses do regular data backups, compared to 66 percent in Germany and 67 percent in France. Moreover, only 32 percent of UK businesses and 39 percent of businesses in Germany open to using off-site storage for sensitive data today, compared to 50 percent of French businesses.