Mid-market firms vulnerable to cyber-crime, study finds

Immersive Labs

Cyber-crime and security breaches cost Britain’s mid-market businesses at least £30 billion in the last year alone, a leading audit and accountancy firm says.

Research conducted by Grant Thornton UK LLP reported that over half of interviewed companies (53%) said revenue had fallen by 3-10% in the wake of a data breach.

The companies hit hardest reported losses of up to 25% of revenue, while 6% of those surveyed said that a breach caused a loss of 11-25%.

In spite of the alarming findings, the study discovered that 63% of companies polled had no designated board member tasked with taking care of cyber-security issues. An incredible 63% said that no formal review structure was in place to address cyber-security and data management.

The organisations questioned also demonstrated a poor preparation with regards to developing a cyber-security conscience among their workers. Just 36% had given their employees cyber training over the course of the past year.

Commenting on the findings, partner and head of cyber consulting at Grant Thornton, James Arthur, said:

“Boards have a key role to play in ensuring an effective cyber strategy is in place. Putting cyber-crime onto the board’s agenda is one of the most effective ways to minimise the chances of a successful attack and reduce the financial impact if a breach occurs. With that in mind it is worrying that almost two thirds of the businesses we interviewed do not have a board member responsible for cyber security.

“While commitment from the top is vital, ensuring your people are properly trained is also essential. Often, companies make themselves vulnerable to attack simply by failing to get the basics right.

“Training to raise employee awareness can have a hugely positive impact on cyber security. People are often unaware of the important role they play in helping a business to stay protected, so companies of all sizes need to ensure they have regular and ongoing cyber security training in place.”


We’re now live at PrivSec Global!
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.

Register your virtual seat today and gain access to the entire event free of charge. With all sessions available to view live or on-demand, you can build a personalised agenda based on your key focus topics and make the event fit around your work schedule.

Secure your seat

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.