Cyber security a big issue for small business


According to recent research by Growth Hub support provider Smith & Williamson, nearly half of all small businesses don’t have a cyber security plan.

The report, conducted by the accountancy, investment management and tax group, identified the flaw as a potential major obstacle facing small businesses in the light of the recent WannaCry cyber-attack which crippled parts of the NHS.

Helen Bassett, an associate director in the technology team based at Smith & Williamson’s Bristol office, said: “For Growth Hub members looking at taking their business to the next level, a business that has thought about their cyber security and has more control of their tech estate can be more attractive for investment.  It shows that they take these things seriously and is a reflection of the culture and values the company has.

 “A well thought out cyber security plan will demonstrate a Growth Hub member’s ability to identify and react accordingly to the increasingly complex myriad of factors affecting their business. Control of tech estate is key for any well-managed company.  It is now, and increasingly in the future, one way for an investor to get to the heart of a business and ascertain the true nature of the management and the culture within.

 “We wouldn’t expect all Growth Hub members – especially early stage businesses – to be spending extravagant amounts on developing a plan and high-tech software.  However, the owners and managers should be able to show that they’ve thought of the problems and have a plan should the worst happen.  Equally we would expect the tech investment to scale and grow as the business does.”

 One example where cyber security will come to the fore is the new General Data Protection Regulation (GDPR), which takes effect from 25 May 2018.  It is sweeping regulation that affects almost every business that has, keeps or uses personal data.  The regulation aims to give individuals more control over how their personal data is used.  It imposes requirements for organisations to have cyber security rules and plans in place, with the consequences for failing to comply being very substantial fines.

“The issue of cyber security is not going away. Investors need to be confident that a business is prepared otherwise this could jeopardise existing and future investment.  A Growth Hub member which does not have a full handle on their tech estate now is in a race against time to ensure they do before next May,” added Helen Bassett.