Unresolved confusions about GDPR compliance and an avalanche of phishing emails, many of them masquerading as emails from CEOs and foreign billionnaires, are among the top concerns for small and medium enterprises (SMEs) for the current year, a survey has revealed.
A survey carried out by IT services provider Q2Q to gauge the top risks that owners of SMEs intend to tackle in 2019 has revealed that internet issues, GDPR compliance issues, and dealing with phishing emails are the top concerns that SMEs are struggling to deal with.
While 52% of owners at SMEs said that internet issues remained the top technology-related headaches for their firms, 41% of them said that their firms are still struggling with GDPR compliance, and 22% said that emerging online risks are the biggest headaches for their organisations.
GDPR compliance issues for SMEs is rather worrying
As far as problems with GDPR compliance is concerned, Andrew Stellakis, managing director at Q2Q, said that the fact is quite worrying considering that it has been six months since GDPR came into effect and that complying with GDPR isn't as daunting as it may seem.
"As an accredited virtual data protection officer, it’s also rather worrying that – six months on – 40% of SME’s are still unsure about the rules and regulations surrounding GDPR. Over the past 18 months, I’ve spent a lot of time working closely with SMEs to ensure they are fully compliant – and it isn’t as daunting as it may seem.
"The appointment of a dedicated IT provider or GDPR officer – either in-house or externally – is often left until something goes wrong. But, as the news has been filled with reports of cyber-attacks and GDPR fines over the past few months, it should be all SME owners’ New Year’s resolution to ensure their company – and reputation – remains intact in 2019," he said.
CEO fraud & phishing attacks remain top concerns
The survey commissioned by Q2Q also revealed that phishing emails that masquerade as emails from CEOs and foreign billionaires and often contain requests for high-value fund transfers, make up 38% of all spam communications, making phishing attacks among the top IT-related concerns for SMEs in 2019.
The survey also revealed that many small and medium enterprises are still lacking sufficient cyber security controls to deal with emerging online risks. While 64% of SME owners said they outsource their IT support functions, 10% of them said they do not have any technical provision at all.
The absence of sufficient cyber security policies or tools to tackle emerging online risks could expose such firms to financial penalties under GDPR in the event of a data breach or loss of customer records.
ALSO READ: Cyber security trends to watch in 2019