Robert O’Brien, of internet security firm MetaCompliance, said the rise of hacking means business leaders and members of the public can no longer afford to think “it won’t happen to me” when it comes to cyber crime.
Mr O’Brien’s made the comments following the British Chambers of Commerce findings that 20 per cent of UK businesses were victims of cyber attacks in 2016-17.
“Figures released by the British Chambers of Commerce (BCC) today show that one in five businesses fell victim to a cyber-attack in the past year. The figures from the BCC’s digital survey highlight the startling threat to the business community and the alarming potential for floods of personal details to fall into the hands of thieves.
“Data compromised will be sold on the dark web and the next step will be criminals hitting people’s inboxes with phishing emails - exactly the type of scams which cost consumers hundreds of millions of pounds each year.
“To put it in perspective, in the case of Wonga’s recent breach - when the personal details of more than 250,000 customers were compromised – it is very conservatively estimated that least 10 per cent of those people will lose money to cyber criminals.”
And the financial threat to businesses of ignoring cyber risks will soar with the introduction in May 2018 of the new General Data Protection Regulation (GDPR).
“With the GDPR approaching, all companies need to get their acts together to avoid very costly and potentially business-ending penalties. Organisations who are found in breach of the regulations will incur penalties of up to €20,000,000.
“A worrying number of UK businesses believe GDPR will not affect them. However, GDPR will require all organisations to disclose major data breaches - including those stemming from cyber-attacks - to data protection authorities and affected customers.
“For all businesses, the first line of defence is employees and it is vital that they are given the training and education to ensure no doors are left open for hackers. It important that everyone is fully aware of their responsibilities to take the right steps to minimise risk from cyber criminals.”