Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.
Alan Calder of IT Governance

The UK’s SMEs cannot afford to wait: action is needed now.

Ely, England, 7 May 2013: IT Governance, the global leader in IT governance, risk management and compliance expertise, is launching the UK’s first expert service to assess cyber security risks for small- and medium-sized enterprises (SMEs).

According to the 2013 Information Security Breaches Survey commissioned by the UK’s Department for Business, Innovation and Skills, UK businesses are losing up to 6% of their turnover to cyberattacks, with some breaches thought to cause more than £1 million of damage.

Given the increasing cyberattacks on SMEs over the past year, IT Governance’s new Cyber Security Risk Assessment is dedicated to providing these organisations with the straightforward but crucial steps they need to take to defend themselves.

Alan Calder, Chief Executive of IT Governance, says: “The UK government has just identified that, although many businesses have information security high up their agendas, and suffer regular and costly cyber breaches, to date very few have managed to take effective action. This is not surprising: few organisations, especially those which are smaller in scale, have the internal skills and competence to identify, assess and remedy cyber security risks.

“For most SMEs, training their staff to the level necessary to safeguard against cyberattack would take years of investment and effort. In addition, while initiatives such as the government’s extension of innovation vouchers to cover cyber security are a welcome step, they are unfortunately limited and infrequent. The UK’s SMEs cannot afford to wait: action is needed now.”

IT Governance’s Cyber Security Risk Assessment provides organisations with a no-nonsense, practical assessment of the gap between the minimum recommended security stance established by the UK’s Cyber-security Framework for Business and companies’ actual stance, creating an immediately actionable plan which helps improve cyber defences. IT Governance’s experienced cybersecurity consultants carry out a robust assessment of organisations’ performance in each of the 10 areas detailed by the framework:

1. Board-led information risk management regime
2. Secure home and mobile working
3. User education and awareness
4. User privilege management
5. Removable media controls
6. Activity monitoring
7. Secure configurations
8. Malware protection
9. Network security
10. Incident Management (in support of organisational cyber-resilience)

Stopping around 80% of today’s cyberattacks and building the resilience to cope with the other 20%, a Cyber Security Risk Assessment provides a tailored, immediately usable action plan, transforming day-to-day practice into recognised good practice.

Calder says: “Although we will also be working to help organisations apply for innovation vouchers, we urge the managers of the UK’s small- and medium-sized businesses to invite specialists to take a dispassionate look at their cyber security stance. Above all, they should establish a clear plan which they can immediately start implementing.”

IT Governance’s Cyber Security Risk Assessment is available for an investment of just £3,000. To find out more, call tel.: 0845 070 1750 or email

- Ends -


80:20 Communications
+44 (0)1483 447380
Susie Lunt
Marc Cornelius


IT Governance Ltd is the single-source provider for books, tools, training and consultancy for governance, risk management and compliance. The company is a leading authority on data security and IT governance for business and the public sector. IT Governance is ‘non-geek’, approaching IT issues from a non-technology background and talking to management in its own language. The company’s customer base spans Europe, the Americas, the Middle East and Asia. More information is available at:

This press release was distributed by ResponseSource Press Release Wire on behalf of 80:20 Communications Limited in the following categories: Business & Finance, Manufacturing, Engineering & Energy, Computing & Telecoms, for more information visit