Cyber scaremongering isn't working claim small businesses

May 30, 2013

Stop talking about cyber security and start talking about digital business risk…that's the message coming over loud and clear from the small business industry.

A new Security Lancaster report has identified market failures that key stakeholders, such as universities and government, need to address to support the industry in growing a secure digital economy.

Earlier this year Security Lancaster, the EPSRC-GCHQ Academic Centre of Excellence in Research at Lancaster University, held a workshop involving regional micro, small and medium enterprises from a range of industrial sectors and experts in the field of cyber security and business.

The workshop, held in conjunction with London-based ICT Knowledge Transfer Network (ICT KTN), explored delegates' thoughts on business needs about cyber security and the findings from the Small Business Cyber Security Survey conducted by the two organisations.

The survey findings and workshop intelligence have just been published. It is hoped the report will help shape the debate around the support given to the largest sector in the .

Key findings include:

  • Cyber security fear, uncertainty and doubt are damaging and demand a need for clear communication.
  • Cyber security must be balanced against business agility and market responsiveness. When a business is small, the need for business agility is very high, to mitigate the risk of business collapse and to respond to customer needs.
  • SMEs are three different types of businesses (micro, small and medium) with different needs and cannot be treated as one sector. The size of the business impacts on its nature, culture and style of operation, which is radically different between micro, small and medium enterprises.

The workshop focused on ' thoughts on how organisations, such as the UK government, should support the small to medium enterprise community in defending themselves and also developing new business opportunities in the cyber security sector.

"Small to medium enterprises are key to the UK economy," says lead report author Dr Daniel Prince, Security Lancaster's Associate Director for Business Partnerships and Enterprise.

"We must support them in their defence against threats, but also encourage enterprises to differentiate and diversify their products and services to provide cyber security solutions to the UK market place. Our report starts to identify how collectively we might be able to achieve this.

"The message is very much - stop talking about cyber security and start talking about digital business risk. It is clear that the language used is vital to the uptake of the advice regarding cyber security. Scaring individuals to take action is not working and is actually having a negative effect. Further, the technocratic language used to describe cyber security is counterproductive, further driving individuals away."

Tony Dyhouse, the Director of the Cyber initiative at ICT KTN, commented: "Over the last few years I've witnessed the rise in the amount of information regarding cyber threats being provided to UK industry from government sources. There's been plenty of best practice guidance on recommended actions issued too. Yet the number of successful compromises and financial losses being reported seemed to show that this advice was not being acted upon. This was further evidenced by our Small Survey in 2012. I was surprised that even cyber-savvy companies seemed not to adopt the appropriate protection being recommended. Maybe it wasn't as appropriate as we thought?"

Explore further: Study: Social media users shy away from opinions

add to favorites email to friend print save as pdf

Related Stories

US, Canada launch joint cybersecurity plan

Oct 27, 2012

Canada and the United States announced Friday they were launching a joint cybsersecurity plan to protect their digital infrastructure from online threats.

FBI director: Cyber-threats will become top worry

Mar 02, 2012

(AP) -- The director of the FBI told an annual gathering of cyber-security professionals on Thursday that the agency needs the private sector to help combat what he believes is becoming the nation's No. 1 threat.

Recommended for you

Study: Social media users shy away from opinions

15 hours ago

People on Facebook and Twitter say they are less likely to share their opinions on hot-button issues, even when they are offline, according to a surprising new survey by the Pew Research Center.

US warns shops to watch for customer data hacking

Aug 23, 2014

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

Fitbit to Schumer: We don't sell personal data

Aug 22, 2014

The maker of a popular line of wearable fitness-tracking devices says it has never sold personal data to advertisers, contrary to concerns raised by U.S. Sen. Charles Schumer.

Should you be worried about paid editors on Wikipedia?

Aug 22, 2014

Whether you trust it or ignore it, Wikipedia is one of the most popular websites in the world and accessed by millions of people every day. So would you trust it any more (or even less) if you knew people ...

How much do we really know about privacy on Facebook?

Aug 22, 2014

The recent furore about the Facebook Messenger app has unearthed an interesting question: how far are we willing to allow our privacy to be pushed for our social connections? In the case of the Facebook ...

Philippines makes arrests in online extortion ring

Aug 22, 2014

Philippine police have arrested eight suspected members of an online syndicate accused of blackmailing more than 1,000 Hong Kong and Singapore residents after luring them into exposing themselves in front of webcam, an official ...

User comments : 0