The Information Commissioner's Office (ICO) has called for a dedicated security standard and certification process for small and medium sized businesses in order to improve their security posture.
The data protection watchdog made several recommendations in a newly published review (PDF) into the availability of security related advice for SMEs, designed to address what it sees as "large areas of gaps and overlaps".
"The ICO recognises that SMEs will not have the technical expertise that many larger businesses have at their disposal," said an ICO spokesperson.
"Many small businesses use personal information, and we recognise that SMEs need practical and concise guidance to help them comply with the law and handle personal information appropriately."
The review argued that advice for SMEs is not where they would normally try to find it, and that sites such as Business Link, the British Chambers of Commerce and the Federation of Small Businesses should show visitors the way to other sites containing more comprehensive information.
"Supply chain pressure from big customer organisations is a small but growing driver. Unfortunately, it encourages demands for the adoption of standards and practices that were not originally designed for small companies," the review noted.
"The absence of a simple security standard and certification process, perhaps including a self-certification mechanism, is a major barrier for SMEs wishing to implement security."
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007