KPMG in SME security push
Auditor warns smaller firms are increasingly at risk from cyberattacks and offers service to help protect them
KPMG Enterprise is launching a cybersecurity service for smaller and mid-tier companies, as the professional services firm warned it is not just big corporations that are at risk of cyberattacks.
The Accelerated Security service provides a number of cyberdefence controls designed to help SMBs and mid-tier firms protect themselves.
Martin Tyley, KPMG Enterprise cyber partner, said more attackers are now turning their attention away from the big corporations and this can be "hard to stomach" for some firms.
"It's increasingly important that smaller businesses, which have not historically considered themselves to be a target for cybercrime, develop resilient cyberdefences. We are seeing attackers focus on businesses with lower levels of cyber maturity as large corporates, the more traditional targets, enhance their protection," he said.
"In fact, any organisation that holds valuable data is a target for hackers, which can be hard to stomach for a business that has previously stayed below the radar. This realisation can leave some companies struggling to achieve their aspirations without feeling exposed to cybersecurity risk - a concern our new package addresses."
According to KPMG, the new service allows companies to achieve certifications, including the government's Cyber Essentials scheme. In February, Wick Hill became the first UK security distributor to be certified on this scheme.
Tyley said small businesses can also suffer financial penalties for data loss breaches.
"The government is increasingly considering failure to protect customer data to be a public interest breach and the Information Commissioner's Office (ICO) is fining organisations up to £500,000 for breaching the Data Protection Act," he said.
"Suffering a customer data loss can trigger an ICO investigation, risking a financial penalty that can really hurt a smaller business."
According to KPMG, the Accelerated Security service does not require significant IT resources to implement, and can be installed in weeks.