Tougher laws on data protection will result in executive-level job losses and could drive SMEs out of business – that was the warning experts delivered to businesses attending a major cyber security conference.
It came first from John Unsworth, Chief Executive Officer at London Digital Security Centre, who talked to almost 100 delegates at the East Midlands Cyber Security Conference at Nottingham’s Village Hotel.
He said: “I predict that the CEO of a big business will lose their job and that a SME business will go bust because of the EU General Data Protection Regulations.”
GDPR will become part of British law next May and carries penalties of up to four per cent of global turnover for firms that fail to take appropriate steps to protect data on their files.
The warning was supported by Jim Steven, of Nottingham-based Experian, who talked delegates through the complicated and costly process of trying to notify customers that a data breach had occurred.
“At the moment, companies don’t have to report a cyber attack but under GDPR they will, which could also lead to a loss of corporate reputation and on average 60% of customers will consider finding alternative suppliers when a breach occurs,” he said.
Ensuring software is up-to-date and the growing risks of workers using cloud technology on company and personal smartphones, tablets and laptops while working away from the office were also discussed.
Latest reports suggest that cyber attacks now account for half of all UK crime, that two-thirds of companies might have fallen victim and 15% could have been hit ten times or more.
Despite the proliferation of cyber crime in recent years, only 0.01% of the UKs police resource is dedicated to the problem, delegates heard.
“Cyber crime is a rapidly growing phenomenon of modern business and one that is very hard to stay one step ahead of. The potential for any organisation or individual to fall victim to increasingly clever cyber criminals gets bigger every day,” said Andy Watterson, Business Crime Manager and cyber crime lead at East Midlands Chamber*, which organised the conference.
He added: “The threat of cyber attack grows every day, corresponding exactly with the dependence on computers in most businesses. But the threat is not just one of disruption, it’s also the damage that can be done to corporate reputation and the huge financial penalties companies will face from next year when the EU General Data Protection Regulations come into force.”
Raising awareness of cyber threats plays a critical part in preventing them, Andy said, adding: “Companies are used to considering compliance, legal, fire and flood risks but the message to come out of today was that many have still not grasped the cyber risk.”
The event was sponsored by Air-IT, an award-winning specialist in supply, installation and support of ICT systems for business.
Paul Judge, Marketing Director at Chamber patron Air-IT, said: “We’re delighted to be headline sponsor at this year’s East Midlands Chamber Cyber Security Conference and Expo. Highly regarded in the regional business calendar, the event helps bring together local businesses and leading experts in the field of cyber security.
“In wake of the recent global ransomware attacks, it’s essential that businesses take cyber security seriously. And we’re keen to help delegates learn from this example through our keynote speech focusing on the wannacry attack.
“Along with the forthcoming changes in data protection legislation, we’re aiming to give delegates a real insight into the ever-evolving threat landscape and growth in cyber crime. With practical advice, we’ll help delegates understand the growing risks to their business and educate them about the steps they need to take to safeguard their systems and staff.”
Various sessions at the conference were aimed at different levels of cyber knowledge, ranging from businesses working in the information security industry to firms seeking practical advice on the basic steps they can take to secure their business.
Andy added: “The Chamber has hosted a number of seminars across the region aimed at equipping local businesses with the information and knowledge they need to protect themselves online and will continue to work closely with local constabularies and national agencies to help push this agenda forward.
“This event was about bringing that range of expert knowledge together in one place to give local businesses the information and tools they need to recognise the risks and take steps to protect themselves.”