Most SMEs Do Not Provide Cyber Security Training

Small and Medium Enterprises (SME)s face a growing range of cyber security threats and the latest Report by Software Advice highlights the fact that 62% of SME leaders in Briatain have observed a significant increase in cyber threats in the last 2 years.  

Despite the proliferation of cyber attacks, 48% of managers surveyed admitted that their employees have not received any cyber security training in the last 2 years. The evidence strongly suggests that SMEs are not doing enough to protect themselves. 

The study reveals that 22% of SMEs have fallen victim to 1 or more cyber attacks between 2020-2021. Of this increase in attacks, the most common came in the form of phishing (at 57%), followed by malware (54%). Furthemore: 

  • 32% of managers claimed to not have a cyber security program within their company.
  • 50% of SMEs do not have a formal cyber security incident response plan in place.
  •  60% do not have any employee cyber security training. 
  • 24%admitted to never having conducted a security audit.
  • 35% of managers stated that, in case of an attack, they wouldn’t know what to do or how to report it. 

The majority of business leaders think that their employees have too much access to company data and that their biggest concern is about protecting customer data, particularly names, contact information and credit card details. 

  • 25% of respondents stated that their employees don’t have access to all data, but to more data than is strictly necessary to perform their job.
  • 23% admitted that employees have access to all company data. 

Considering that over 60% of SMEs have experienced an increase in cyber threats in the last 2 years, it becomes clear that inadequate cyber security measures are a major risk for many SMEs.

  • 48% of respondents have not received any recent cyber security training.
  • 38% of respondents stated that a lack of budget was the main barrier preventing companies from being able to protect themselves against cyber attacks. 
  • 33% referred to a lack of skilled IT personnel.
  • 27% blames low-security awareness among employees.

As cyber attacks are becoming more common as companies and their customers share more data online and  remote working compromises company security systems, the lack of adequate cyber security training for employees more should be a much more urgent priority for SMEs. 

FCC.Gov:         Gov.UK:        Software Advice:      FE News:        FSB Skills Hub:      

You Might Also Read: 

Is Cyber Training Fit For Purpose?:

 

« Online Fraud Is A British Security Nightmare
An Invasion Of Ukraine Might Coincide With Cyber Attacks On Western Banks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

Introspective Networks

Introspective Networks

Introspective Networks (IN) is a Cybersecurity company focusing on securing data in the network and automating knowledge work to decrease vulnerability points to critical infrastructure.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

Gulf Computer Services Co (GCSC)

Gulf Computer Services Co (GCSC)

Gulf Computer Services is a major player in the field of networking & Communication solutions for emerging industries such as Internet Services and Information Technology in Saudi Arabia.

CONCORDIA

CONCORDIA

Concordia is a Cybersecurity Competence Network with leading research, technology, and competences to build the European Secure, Resilient and Trusted Ecosystem.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

Astaara

Astaara

Astaara is an integrated insurance services and risk management advisory business incorporating cyber risk advisory, underwriting and analytics.

Kordia

Kordia

Kordia is a leading provider of mission-critical technology solutions throughout Australasia. We have the most comprehensive cyber security offering in New Zealand.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

SafePaas

SafePaas

SafePaas is a leading Enterprise Risk Management Platform. One source of truth for all your Audit, Risk, and Compliance requirements. Complete governance across your systems.

Credo AI

Credo AI

Credo have pioneered a Responsible AI platform that enables context driven, comprehensive and continuous governance, oversight and accountability of AI.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

STACK Cybersecurity

STACK Cybersecurity

STACK Cybersecurity serves as a strategic partner, guiding you through the intricate and dynamic cybersecurity landscape.

National Cybersecurity Competence Center (NC3) - Luxembourg

National Cybersecurity Competence Center (NC3) - Luxembourg

The purpose of the is to strengthen the Country's ecosystem facing cyber Luxembourg National Cybersecurity Competence Centerthreats and risks.