Security expert warns of SME vulnerabilities

Thousands of small businesses in the UK are being attacked every year, and many are not taking sufficient action to protect themselves, according to a digital security expert.

Writing in a recent guest blog post, the director of security monitoring at Mastercard, Rebecca Ledingham, says that while attacks on multinational companies grab the headlines, SMEs are also the subject of cyber attack, particularly in the UK, where the start-up community is regarded by hackers as a soft target.

Ledingham notes that according to a report by insurance company Zurich, half of the UK’s SME invest less than £1000 on defending themselves against cyber attack, yet thousands of SMEs in the country are attacked every year. Many UK SMEs are using free website-creation software and these are particularly vulnerable.

According to Ledingham, hackers will scan blocks of IP addresses to find vulnerable operating systems and once they have identified an SME’s system, they can explore a site’s code to find its weaknesses, like a burglar looking for an entry point. The consequences for an SME of being hacked could be disastrous and many will go out of business.

Working with third party payment facilitators to ensure payment processing complies with international standards is one method of reducing the risk to SMEs, and Ledingham also highlights the possibilities of tokenisation, which could reduce the need to retain customer financial data. But according to Ledingham, the bottom line for UK SMEs is not to ignore cyber security and to invest properly in anti-hacking technology.