Skip to main content

Why The Giant British Airways Fine Highlights Extra Struggles For SMEs

blog British Airways cyber-attack GDPR SMEs
Following the implementation of the GDPR, it's no secret that suffering from a cyber-attack can wreak havoc on your organisation - just look at British Airways. The company was recently fined a record £183 million for last year's data breach. The ICO said it was the biggest penalty it had handed out and the first to be made public under new rules. 

What Happened?

Users of British Airways' website were diverted to a fraudulent site. Through this false site, details of about 500,000 customers were harvested by the attackers, the ICO said. (www.bbc.co.uk/news/business-48905907) 

However, while large businesses like British Airways can eventually recover from a high-profile data breach and hefty GDPR fines, the results of such an event for SMEs can be devastating. 

Indeed, SMEs have more limited resources to protect themselves and respond to cyber-incidents. But even with fewer resources, your business shouldn't ignore the risk of a cyber-attack and accompanying GDPR fines. 

Use these tips to promote cyber-security:


  • Staff training—Conduct routine, internal cyber-security training for employees in all departments—not just IT.
  • Response planning—Establish an effective, comprehensive cyber-incident response plan and test it regularly with staff.
  • Proper cover—Purchase robust cyber-insurance to provide ultimate protection.

For more information on insurance solutions to protect against the repercussions of a cyber-attack, please contact ICB Group today.



The content of this Profile is of general interest and is not intended to apply to specific circumstances. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly.
© 2019 Zywave, Inc. All rights reserved.