Tech firms petitions UK government to take action on making cyber security compulsory for businesses
With 70% of businesses having no form of formal cybersecurity, tech company Evaris wants the UK government to make protection mandatory.
With the number of cybersecurity attacks on the rise and 43% of firms being targeted in the past 12 months, one tech business is petitioning to make online protection mandatory.
IT security specialist Evaris is lobbying for the UK government to make it a legal requirement for companies with up to 250 employees to sign up to an existing Cyber Essentials certification scheme, while larger businesses would need to meet more comprehensive cybersecurity requirements.
The Manchester-based firm claims cybercrime cost UK companies £21bn and only 27% of businesses have a formal cybersecurity policy in place.
Terry Saliba, solutions architect at Evaris, said: “Data shows that more than four in ten businesses experienced a cybersecurity breach in the past 12 months, and these are becoming increasingly sophisticated and costly for businesses across all industries.
“Unfortunately, we still see that many firms are failing to understand the extent of this issue, and so we believe this petition is vital for establishing a compulsory baseline adhered to by all businesses.”
How vulnerable are businesses to a cyber attack?
Large companies report being victims of 12 cyber-attacks per year, while medium-sized firms average six.
With the number of IoT devices in offices increasing, their unique vulnerabilities are also increasingly being exploited.
The global average cost of a data breach to an organisation was calculated to be $3.86m (£3.1m) by IBM and The Ponemon Institute.
This also has knock-on effects for customers as the Internet Society’s Cost of Cybercrime report last year found the annual cost of cybercrime to UK citizens is £3.1bn.
The National Cyber Security Centre is a government agency that provides advice for the public and private sector on how to avoid cybersecurity threats.
It runs the Cyber Essentials scheme, which gives businesses advice on avoiding the most common cyber threats.
The requirements for being certified under the Cyber Essentials scheme includes firewalls, secure configuration, user access control and malware protection.
The Cyber Essentials Plus programme requires an independent assessment of a business’ cybersecurity controls.
Evaris wants these programmes to be compulsory for businesses, with several industry bodies supporting the tech company’s calls.
Vince Warrington, CEO of cybersecurity firm Protective Intelligence, said: “I’m supporting the petition because I’ve had to deal with the consequences of cyber-attacks and seen the destruction they can cause.
“At the moment, far too many companies still see cybersecurity as a ‘nice to have’ option, rather than an essential part of everyday business.
“But cyber-attacks are not going to simply disappear – the criminals behind them will target your business if you haven’t taken even the most basic steps to keep them out.
“By driving all companies to adopt Cyber Essentials, the government can not only create a good level of basic cyber hygiene across UK firms, but also create a regular flow of cybersecurity businesses that can bring on board new staff and train them up – helping to reduce the predicted shortfall in qualified cybersecurity experts that the country will need in the decades to come.”
To sign the petition, click here.
source compelo
Industry: Cyber Security News