17 June 2016
According to new analysis from the Federation of Small Businesses (Cyber Resilience: How to Protect Small Firms in the Digital Economy), small firms in the UK collectively fall victim to cybercrime 7 million times per year, at a cost to the economy of around £5.26 billion.
And even though 93% of small firms have taken steps to protect their business from cyber threats, those measures have proven inadequate: 66% of small businesses have been a victim of cybercrime. These businesses suffer an average of four cybercrimes every two years at a cost of nearly £3,000 – disproportionately more than big businesses when adjusted for organisational size.
Phishing (49%), spear phishing (37%) and malware (29%) attacks are the most frequently reported methods.
FSB’s national chairman Mike Cherry said: “Small firms take their cyber security responsibility very seriously but often they are the least able to bear the cost of doing so. Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks. We’re calling on Government, larger businesses, individuals and providers to take part in a joint effort to tackle cybercrime and improve business resilience.”
Cyber security controls for small businesses
Analysing the preventive measures taken, FSB found an overwhelming reliance on security software – 80% of respondents had installed it. However:
In fact, “Neither the Cyber Essentials Scheme nor ISO 27001 appear to have been adopted by the small businesses community in any significant scale.”
This only reinforces the findings of a 2015 Cyber Streetwise study, which found that SMEs were “putting a third (32%) of their revenue at risk because they are falling for some of the common misconceptions around cyber security, leaving them vulnerable to losing valuable data and suffering both financial and reputational damage”.
Website by Spi-des-ign