Cybersecurity breaches are a very real and impending threat to any modern business with a digital presence. Yet research shows that many businesses are still oblivious and unprepared, and might have even experienced a cybersecurity breach without realising it.
In a recent study of UK businesses commissioned by Fasthosts and carried out by YouGov it was found that 89% of UK microbusinesses (those with 10 or fewer employees) claim to have never been affected by an online security breach.
Although that sounds like a positively high percentage, the likelihood is that many of those businesses will have experienced cyber-attacks without realising it. Previous Government studies found that 43% of UK businesses have suffered cyber-attacks in the last year alone.
So there are a lot of businesses who are being breached without even knowing about it. This lack of knowledge is perhaps unsurprising when paired with the statistic from the YouGov/Fasthosts study that 79% of the microbusinesses surveyed do not consider site security a high priority.
The research was conducted to further understand the perception of security among small businesses in the UK, and it seems that even after a string of high profile attacks, businesses still aren’t taking cybersecurity seriously.
Simon Yeoman, CEO of Fasthosts, said of the research “It’s clear that many small businesses underestimate the seriousness of the threat of cybersecurity breaches. In reality, many of the small businesses that claim to have never been affected by security breaches most likely have been — they are simply unaware that anyone attacked them.”
What else the survey showed, however, was that the vast majority (84%) of microbusinesses claimed to have cybersecurity protection in place – although, only 63% of those reported having a firewall, and a mere 14% have intrusion detection systems. So, again, there’s a perceived knowledge gap between claims and reality.
The most worrying part, and perhaps the root cause of the problem, is that only 53% of those with cybersecurity protections in place, update their systems and programs on a regular basis. It’s Simon’s suspicion that many businesses don’t understand the risks of running outdated systems.
“We do everything on our end to maintain the security of our customer’s websites, but the customer needs to also remain vigilant. Our data centres are secure, and the way that we manage our systems is very secure, but we need to do a better job of highlighting the risks involved with the software customers run,” Simon said. “Many microbusinesses think that since our platform is secure, they’re going to be fine, and they don’t necessarily keep their software and operating systems up to date.”
Many customers skip over “inconvenient” software updates mistakenly thinking that their only purpose is for new features, or to waste space. Think of how many people choose to skip their iOS updates on their mobile phones. Constant updates are inconvenient and a drain on storage space, right? Well, these updates also often include the latest patches to any potential security leaks, and the concept is exactly the same with web hosting and Windows or Linux operating systems.
If you aren’t running the latest version of the software or operating system, then there’s a chance you’ll be exploited. This risk is pushed even further if a customer’s website was set up by a third-party web designer.
Usually these partnerships end when the website is published, and then the updates are ignored or forgotten about.
To read more of Simon’s thoughts on the importance of cybersecurity among UK businesses, read his full interview with HostingAdvice.