The Scottish public sector spends more than £11 billion a year buying goods, services and works but SMEs in the professional services sectors could miss out on a share of the lucrative market by failing to show that they take digital security seriously, the firm has warned.

Austen Clark, managing director Clark Integrated Technologies, said that businesses with public sector contracts – or those that hope to win work in future procurement processes – will need to show their commitment to cyber resilience by seeking a recognised accreditation.

He warned that companies that fall short on having cybersecurity recognition do so at their peril.

Mr Clark said: “As part of the tightening of supply chain cybersecurity, contractors that fail to meet minimum requirements can be ruled out of the bidding process.

“Being out of the procurement process means lost opportunities, and a loss in revenue streams which could have far-reaching implications for SMEs of all kinds, from building trades to hotels, taxi operators to cleaning contractors.

“The ability to evidence a defined knowledge, understanding and commitment to cybersecurity is not only being seen in the public sector, but is increasingly embedded in the wider business landscape.

“This is not without reason. Setting standards on digital security is an effective way to minimise the impact of the rising tide of hack attacks. It’s essential to business resilience and more commercial operators are seeking similar safeguards from their suppliers.

“In a climate of increasing cyber threats, supply chains can be seen as an easy route to attack larger organisations. At its core, these measures are being put in place to raise awareness and enhance cyber resilience. It’s critical for SMEs to evidence that they have high regard for cyber and trade securely, regardless of size or sector.”

The average cost of a cyberattack on an individual SME is around £6500 but the damage can be far more than financial – it impacts on the reputation and can damage a brand, stopping its ability to win new business, or losing existing clients.

These crisis incidents cost the UK economy £8.8bn, and are a growing concern for small businesses everywhere, with nearly a quarter of those recently surveyed saying they had been affected by an attack in the past year. Almost a quarter said they couldn’t survive for more than a month if unable to trade following an incident.

The Scottish Government has a scheme in place for SMEs and sole traders to access up to £1,000 to help improve their digital health by obtaining Cyber Essentials certification, which can help protect against many internet-borne attacks.

Mr Clark added: “Applications for this scheme remain open until March, or until the funding pot dries up, so I’d strongly advise businesses to take advantage right away.”