A new report has highlighted the small business sector’s vulnerability to cyber crime, and has revealed that SMEs are actually more likely to suffer attacks than larger companies, with two thirds reporting some kind of attack over the last two years.
The report, issued by the Federation of Small Businesses, (FSB), is titled ‘Cyber Resilience: How to protect small firms in the digital economy,’. It suggests smaller firms are ‘collectively attacked seven million times per year, costing the UK economy an estimated £5.26 billion.’
According to the FSB, the most common forms of cyber attack are phishing emails (49%), spear phishing emails (37%), and malware attacks (29%). The potential damage to SMEs is magnified, the research says, by Cyber crime costs small businesses disproportionately more than big businesses when adjusted for organisational size – and is further magnified by the increased importance of the internet small firms, with 99% of the UK’s 5.4 million small firms rating the internet as being highly important to their business, with two in three (66%) offering, or planning to offer, goods and services online.
Currently, small businesses are largely left to tackle the risks of cyber crime themselves. But the FSB is now calling for more support to be given to those smaller firms least able to bear the burden of the increasing global cyber threat.
‘SMEs often least able to handle cyber attacks’
Mike Cherry, FSB National Chairman, said: “The digital economy is vital to small businesses – presenting a huge opportunity to reach new markets and customers – but these benefits are matched by the risk of opportunities for criminals to attack businesses. Small firms take their cyber security responsibility very seriously but often they are the least able to bear the cost of doing so. Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks. We’re calling on Government, larger businesses, individuals and providers to take part in a joint effort to tackle cyber crime and improve business resilience.”
The Federation had some suggestions to remedy the situation, including encouraging schools to try and incorporate digital learning as well as providing better incentives for small businesses to encourage them to invest in cyber resilience measures and adopt best practice when it comes to increasing their cyber resilience
As for the IT industry itself, Stephen Love, security practice lead for EMEA at IT vendor Insight said that the study highlights a key issue in the business landscape: “The fight against cyber crime needs to be collaborative. When trying to protect itself against malicious attacks on its network, a small business finds itself in a David versus Goliath situation. But work with thousands of other small businesses, enterprises and the government, soon the small business becomes the goliath.”