Businesses across the globe from large multi-nationals to small enterprises are embracing the opportunities an ‘online’ presence can offer. On-line businesses tend to regularly out-perform the average speed of the economy. Consumers now not only expect instant and continuous access to a company’s products and services at any given point or place but customers will purchase in many cases with the lowest point of resistance. Those businesses proactively embedding security smoothly and seamlessly in to the customer transaction process are receiving the greatest rewards.
Online Expansion is the process of a business moving to offer its products and services through digital channels. Businesses are expanding online due to the huge market that is available through the internet and the potential to generate larger and faster revenues. Capital Economics reported that 48% of SME’S are expected to generate their revenue through e-commerce over the coming years meanwhile 45% of all SME’S use e-commerce. It is estimated that revenue growth expectations for SME’s that use e-commerce will grow by 1.8% in 2017. In addition, SME’s that use e-commerce have a customer confidence index score of +7.
There are many different threat actors a business with an on-line presence must consider depending on the industry it operates and territories its customers are based. From state sponsored cyber terrorism for critical infrastructure, to corporate espionage for firms reliant on sensitive intellectual property, to recognised community names for hackers who attack for fun or credibility, to business with perceived valuable financial/health data by criminal gangs the scale and range of threat actors is wide. As a business develops out its on-line presence from offering simple documents and brochures to be downloaded, feedback forms, portals and full e-commerce transaction sites where an exchange of goods or services is made for financial benefit the risk of cyber-attack is present.
Cyber-Attacks on larger businesses such as Tesco Bank have not been enough warning to SME’s to protect themselves properly. RSA’s report states that businesses will only buy the cover required when a cyber-risk/threat becomes a personal issue for them. 53% of businesses with some type of insurance cover said they have been attacked before or know businesses that have been attacked.
A report by “Careers in Audit” in 2016 stated not understanding the risk and technical knowledge of the correct protection against cyber-attacks is allowing this problem to continue. Simon Wright, operations director at CareersinAudit.com, said, “It is clear from our latest research that many businesses are leaving themselves hugely exposed by having weak risk management systems and in some cases, none in place at all”.
Online expansion is a very important step for most businesses to take for growth, however it is important that SME’s understand the cyber risks that can harm a business. If businesses fail to take the right actions, the consequences may cause serious harm to future customer online transactions.