A new research report commissioned by internet security and cybercrime solutions provider StayPrivate has found that the majority of companies in the United Kingdom are well aware that they are exposing their own customers to the risk of cybercrime through the way they use email, but are failing to take meaningful action. Moreover, the study has uncovered a troubling belief among small and medium enterprises (SME) that cybercriminals are only interested in targeting larger corporations, which in turn has created a false sense of security among small operators.

Growing risk, slow response

According to the survey results, 73 per cent of surveyed business owners, C-suite and senior management understood that by using their client’s personal email to send and receive confidential information they were leaving themselves and the client vulnerable to cybercrime. Almost half (43 per cent) conceded that they were likely to become a victim of cybercrime in the future, with around 20 per cent disclosing that they had already suffered a hack of their own or their client’s email account. Only half of those who responded to the survey reported having a policy in place to prevent employees from sending personal or confidential information to non-work email addresses.  

Fighting misconceptions

StayPrivate founder and COO Rob Reid commented: ‘In the past few years we have seen too many examples of how corporate reputations can be left in tatters if a firm is attacked by cybercriminals and our research shows that British SMEs are simply not doing enough to address the cyber threats posed to them and their customers.’  At the core of the problem, the report suggests, are misconceptions about cybercrime. More than 10 per cent of respondents said they weren’t taking action on cybercriminal risk because they didn’t think it was a big enough issue, while one in five expressed the belief that hackers generally don’t target SMEs.