IT Security

Share to Facebook Share to Twitter Share to LinkedIn

Accountancy and investment management group, Smith & Williamson have found that nearly 45% of small businesses still don’t have any sort of cyber security plan in place.


The recent Wannacry ransomware attack that left a number of high profile companies, including the NHS, completely debilitated prompted Smith & Williamson to carry out this research. It indicated that small businesses do not have any cyber security in place to combat such attacks if they were to occur again.

Partner and head of technology at Smith & Williamson, Fergus Caheny said “For an investor, a business that has thought about their cyber security and has more control of their tech estate can be more attractive for investment. It shows that they take these things seriously and is a reflection of the culture and values the company has.”

“We wouldn’t expect all early stage businesses to be spending extravagant amounts on developing a plan and high-tech software. However, the owners and managers should be able to demonstrate that they have thought of the problems and have a plan should the worst happen. Equally we would expect the tech investment to scale and grow as the business does.”

Legal obligation

While the Wannacry cyber-attack should be a warning to all businesses to up their cyber security, it will soon become law for companies to do more to protect personal data. The General Data Protection Regulation (GDPR), will come into effect at the end of May 2018 and it forces businesses to have cyber security plans and rules in place – and if they don’t comply with this they will receive heavy fines.


It is essential that every business has a strong cyber security plan in place, no matter how big or small the company is, because if you don’t it could cost millions of pound in legal fees as well as the money a hacker has requested if it is a ransomware attack.

Further Reading

For more information, please visit: