Small businesses fear red tape in EU cyber directive

An incoming EU directive to help tackle cybercrime could in fact hurt small businesses with expensive red tape, a leading expert has warned.

The data protection bill will force companies to tell regulators every time they suffer a data breach. Cyber attacks by gangs and terrorists is one of the fastest growing forms of crime – the Cabinet Office has estimated that this could cost as much as £27bn to the UK economy every year.

However, the cost of reporting a data breach is thought to be around £85, which includes restoring any information lost, and there could be thousands of lines of data hit by a single attack. Smaller firms would struggle to pay these costs.

Simon Taylor is executive director at Clear Insurance, a broker that sources cyber insurance. He said: "Increasingly employers of around 25-100 people are coming under attack." Mr Taylor also warned that firms could find their reputation badly – and unnecessarily – hit from publicly acknowledging insignificant attacks that are bound to worry customers.

The EU and other legislative bodies are concentrating more carefully on cyber crime as there is a growing realisation that mafia-type organisations believe this is a safer way to steal.

Last week, communist North Korea denied that it was behind an attack on its capitalist neighbour to the south. Many broadcasters and banks were shut down in South Korea after an attack on 20 March that was initially found to have originated from Chinese computers.