SMEs failing on cyber crime training

The UK’s small to medium-sized firms are failing to train their staff on cyber security despite them citing online crime as the number one threat to their businesses.

A poll of 250 UK SMEs by CFC Underwriting, an insurer, found 27 per cent don’t train their staff in cyber-awareness, leaving their firm vulnerable to online threats.

The lack of preparedness is despite a whopping 78 per cent rise in cyber-related insurance claims over 2015 and 2016, CFC said.

And SMEs also think cyber crime is the number one threat to their business after Brexit.

CFC said 20 per cent of firms have never assessed their business exposure to cyber risk, meaning they have little or no idea how exposed they might be to online crime.

CFC Underwriting’s chief innovation officer, Graeme Newman, told Infosecurity Magazine: “There’s a massive human element to cyber risk and having staff understand that this human link even exists is a good start in trying to get everyone within an organisation on board with making their work environment more secure.”

Mr Newman said that if employees are made aware of potential cyber threats - and what they can do to help tackle them - then they will be making a “huge stride forward” in adopting cyber best practice.

Other training to-dos include managing corporate devices to mitigate against the risk of loss or theft.

“Along those lines, a lot of problems start when employees use company computers for personal use, so having rules in place to limit that is also helpful,” Mr Newman added.