UK firms are warned to tighten up on security

SMEs are slack when it comes to data security

Inefficient security practises are threatening UK business

Small and medium sized enterprises (SMEs) are most likely to fail at effectively securing their data said a warning from the Economic and Social Research Council (ESRC) potentially compromising a large portion of the UK economy.

SMEs make up 51.9 per cent of annual turnover in the UK and over 99.3 per cent of businesses, according to figures from the Department for Business, Enterprise and Regulatory Reform.

“Information security is now a mainstream political issue, and no longer the province of technologists alone,” said Tyler Moore of the Computer Laboratories, University of Cambridge.

“In 1999 it became clear that even the latest and greatest technology will not solve all our problems if those who protect and maintain them are not sufficiently movitated. The issue is one of incentives.”

“Security is about managing the risk from people, both known and unknown, interacting with your information and information systems. It is more about people management than technology," said Bruce Hallas of Marmalade Box, an information security consultancy.

Meanwhile reported fraud cost UK businesses over £705m in the last six months, 74 per cent up on the same period last year and hitting £317m in April 2008 alone, says research from accountant BDO Stoy Hayward.

Banks and insurance firms saw suffered costs of more than £636m, or 90 per cent of the total cost of fraud in the first half of 2008 and management fraud accounts for 46 per cent of fraud cases, third party fraud accounts for 32 per cent, costing businesses a total of £541m.

While the main culprits are internal managers and suppliers, regulators make life even harder, said Simon Bevan, head of BDO Stoy Hayward’s fraud services team.

“What we are essentially saying is that management are robbing you blind, suppliers are ripping you off left right and centre and regulators are breathing down your neck."

"As the recession deepens, regulatory pressures will increase and regulators will become more intrusive, so be prepared. That’s a triple whammy for businesses in the UK.”